Back to overview

CVE-2026-15194

LOW Exploitation: PoC
3.3
CVSS 3.1
Description
A security flaw has been discovered in Open5GS 2.7.7. This affects the function amf_context_final of the file src/amf/context.c of the component AMF. Performing a manipulation results in use after free. The attack is only possible with local access. The exploit has been released to the public and may be used for attacks.

Metadata

CVE ID
CVE-2026-15194
State
PUBLISHED
Assigner
VulDB
Reserved
2026-07-09 05:54 UTC
Published
2026-07-09 17:00 UTC
Last updated
2026-07-09 17:31 UTC
Primary CWE
CWE-416
Use After Free
Vendor / Product
n/a / Open5GS
Sources
cve.org  ·  NVD

Severity & Metrics

3.3 LOW CVSS 3.1
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R
SSVC — CISA Coordinator
Exploitation
PoC
Automatable
no
Tech. Impact
partial
Affected products (1)
VendorProductPlatformVersions
n/a Open5GS 2.7.7
Weakness (CWE)
CWESourceDescription
CWE-119 cna Memory Corruption
CWE-416 cna Use After Free
CVSS scores (4)
ScoreSeverityVersionSourceVector
4.8 MEDIUM 4.0 cna CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
3.3 LOW 3.1 cna CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R
3.3 LOW 3.0 cna CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R
1.7 N/D 2.0 cna AV:L/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR
References (6)
Back to overview