CVE-2026-14618

MEDIUM

Open5GS AMF nnrf-handler.c amf_nnrf_handle_nf_discover denial of service

Title source: cna
STIX 2.1

Description

A vulnerability was detected in Open5GS up to 2.7.7. Affected by this vulnerability is the function amf_nnrf_handle_nf_discover of the file src/amf/nnrf-handler.c of the component AMF. The manipulation results in denial of service. The attack may be launched remotely. The exploit is now public and may be used. The patch is identified as fb5f67703de0213fb9c6e6ef3b48b6c1707e9503. It is best practice to apply a patch to resolve this issue.

References (8)

Core 8
Core References
Vdb Entry, Technical Description vdb-entry technical-description
VDB-376135 | Open5GS AMF nnrf-handler.c amf_nnrf_handle_nf_discover denial of service
https://vuldb.com/vuln/376135
Signature, Permissions Required signature permissions-required
VDB-376135 | CTI Indicators (IOB, IOC, TTP, IOA)
https://vuldb.com/vuln/376135/cti
Third Party Advisory third-party-advisory
CVE-2026-14618 | CVE Analysis and Report
https://vuldb.com/cve/CVE-2026-14618
Third Party Advisory third-party-advisory
Submit #844824 | Open5GS 2.7.7 Denial of Service
https://vuldb.com/submit/844824
Exploit exploit issue-tracking
https://github.com/open5gs/open5gs/issues/4517

Scores

CVSS v3 4.3
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Details

CWE
CWE-404
Status published
Products (8)
None/Open5GS 2.7.0
None/Open5GS 2.7.1
None/Open5GS 2.7.2
None/Open5GS 2.7.3
None/Open5GS 2.7.4
None/Open5GS 2.7.5
None/Open5GS 2.7.6
None/Open5GS 2.7.7
Published Jul 04, 2026
Tracked Since Jul 04, 2026