CVE-2026-8251 - Vulnerability Analysis
MediumCVSS: 4.3Last Updated: May 12, 2026
Open5GS - Denial of Service
Published: May 10, 2026Updated: May 12, 2026PoC AvailableRemote Exploitable
Overview
Open5GS <= 2.7.7 contains a denial of service caused by manipulation in update_authorized_pcc_rule_and_qos function in SMF component, letting remote attackers cause service disruption, exploit requires crafted request.
Severity & Score
Severity: Medium
CVSS Score: 4.3
Impact
Remote attackers can cause denial of service, disrupting availability of the affected system.
Mitigation
Update to the latest version.
References
Related Resources
Details
- CVE ID
- CVE-2026-8251
- Severity
- Medium
- CVSS Score
- 4.3
- Type
- undefined
- Status
- confirmed
CWE
- CWE-404
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L