CVE-2026-14618
MEDIUMOpen5GS AMF nnrf-handler.c amf_nnrf_handle_nf_discover denial of service
Title source: cnaDescription
A vulnerability was detected in Open5GS up to 2.7.7. Affected by this vulnerability is the function amf_nnrf_handle_nf_discover of the file src/amf/nnrf-handler.c of the component AMF. The manipulation results in denial of service. The attack may be launched remotely. The exploit is now public and may be used. The patch is identified as fb5f67703de0213fb9c6e6ef3b48b6c1707e9503. It is best practice to apply a patch to resolve this issue.
References (8)
Core 8
Core References
Vdb Entry, Technical Description vdb-entry
technical-description
VDB-376135 | Open5GS AMF nnrf-handler.c amf_nnrf_handle_nf_discover denial of service
https://vuldb.com/vuln/376135
Signature, Permissions Required signature
permissions-required
VDB-376135 | CTI Indicators (IOB, IOC, TTP, IOA)
https://vuldb.com/vuln/376135/cti
Third Party Advisory third-party-advisory
CVE-2026-14618 | CVE Analysis and Report
https://vuldb.com/cve/CVE-2026-14618
Third Party Advisory third-party-advisory
Submit #844824 | Open5GS 2.7.7 Denial of Service
https://vuldb.com/submit/844824
Exploit exploit
issue-tracking
https://github.com/open5gs/open5gs/issues/4517
Issue Tracking issue-tracking
https://github.com/open5gs/open5gs/issues/4517#issuecomment-4589606265
Patch patch
https://github.com/ferrancanellas/open5gs/commit/fb5f67703de0213fb9c6e6ef3b48b6c1707e9503
Product product
https://github.com/open5gs/open5gs/
Scores
CVSS v3
4.3
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Details
CWE
CWE-404
Status
published
Products (8)
None/Open5GS
2.7.0
None/Open5GS
2.7.1
None/Open5GS
2.7.2
None/Open5GS
2.7.3
None/Open5GS
2.7.4
None/Open5GS
2.7.5
None/Open5GS
2.7.6
None/Open5GS
2.7.7
Published
Jul 04, 2026
Tracked Since
Jul 04, 2026