Exploitation Summary
EIP tracks 1 public exploit for CVE-2026-0622. PoCs published by cyberdudebivash.
AI-analyzed exploit summary: The repository claims to detect and remediate CVE-2026-0622 but lacks actual exploit code, instead promoting premium features and external downloads. The README is marketing-heavy with no technical details about the vulnerability.
Description
Open5GS WebUI uses a hard-coded JWT signing key (change-me) whenever the environment variable JWT_SECRET_KEY is unset.
Exploits (1)
nomisec
SUSPICIOUS
by cyberdudebivash · poc
https://github.com/cyberdudebivash/CYBERDUDEBIVASH-5G-Core-Key-Rotation-Ghost-Admin-Auditor
Classification
Suspicious 95%
Attack Type
Other
Complexity
Moderate
Reliability
Theoretical
Target:
5G Core software (NRF, UDM/AUSF)
Auth required
Prerequisites:
access to NRF/UDM APIs · valid auth token
devstral-2 · analyzed Feb 18, 2026
References (4)
Core References
Vendor Advisory, Issue Tracking
https://github.com/open5gs/open5gs/issues/2264
Issue Tracking
https://github.com/open5gs/open5gs/issues/856
Issue Tracking, Patch
https://github.com/open5gs/open5gs/pull/857
Third Party Advisory
https://www.kb.cert.org/vuls/id/458022
Scores
CVSS v3
6.5
EPSS
0.0041
EPSS Percentile
32.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-798
Status
published
Products (1)
open5gs/open5gs
< 2.7.6
Published
Jan 20, 2026
Tracked Since
Feb 18, 2026