CVE-2026-7707

4.3 MEDIUM
Published: May 03, 2026 Modified: May 05, 2026
View on NVD

Description

A vulnerability was found in Open5GS up to 2.7.7. Impacted is the function udr_nudr_dr_handle_subscription_context of the file /src/udr/nudr-handler.c of the component UDR. The manipulation of the argument pei results in denial of service. The attack can be launched remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://vuldb.com/submit/805699
Source: cna@vuldb.com
https://vuldb.com/submit/805700
Source: cna@vuldb.com
https://vuldb.com/vuln/360883
Source: cna@vuldb.com
https://github.com/open5gs/open5gs/issues/4410
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
https://vuldb.com/submit/805699
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
https://vuldb.com/submit/805700
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

10 reference(s) from NVD

Quick Stats

CVSS v3 Score
4.3 / 10.0
EPSS (Exploit Probability)
0.4%
32th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)