Back to overview

CVE-2026-15720

HIGH
8.6
CVSS 3.1
Description
In Open5GS through version 2.7.7 a pre-authentication heap out-of-bounds read in the AMF NAS 5GS mobile-identity handler may result in subscriber-wide denial of service.

Metadata

CVE ID
CVE-2026-15720
State
PUBLISHED
Assigner
redhat-cnalr
Reserved
2026-07-14 12:29 UTC
Published
2026-07-14 18:20 UTC
Last updated
2026-07-14 18:20 UTC
Primary CWE
CWE-125
CWE-125 Out-of-bounds read
Vendor / Product
open5gs / open5gs
Sources
cve.org  ·  NVD

Severity & Metrics

8.6 HIGH CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Affected products (1)
VendorProductPlatformVersions
open5gs open5gs 0 ≤ 2.7.7
Weakness (CWE)
CWESourceDescription
CWE-125 cna CWE-125 Out-of-bounds read
CVSS scores (1)
ScoreSeverityVersionSourceVector
8.6 HIGH 3.1 cna CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Back to overview