Open5Gs

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:open5gs:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductOpen5Gs (bfcc4617-9383-52b6-805c-b7ace0044ea9)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-9405 vulnerable 2026-06-08 07:45:22.432353 Open5GS gmm-sm.c gmm_state_exception assertion
MEDIUM (5.3)
A security flaw has been discovered in Open5GS up to 2.7.5. The impacted element is the function gmm_state_exception of the file src/amf/gmm-sm.c. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited. The patch is identified as 8e5fed16114f2f5e40bee1b161914b592b2b7b8f. Applying a patch is advised to resolve this issue.
Published: 2025-08-25T03:02:08.364Z
Updated: 2025-08-31T08:08:22.918Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-8805 vulnerable 2026-06-08 07:45:21.164638 Open5GS SMF gsm-sm.c smf_gsm_state_wait_pfcp_deletion denial of service
MEDIUM (5.3)
A vulnerability was determined in Open5GS up to 2.7.5. Affected by this issue is the function smf_gsm_state_wait_pfcp_deletion of the file src/smf/gsm-sm.c of the component SMF. The manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.7.6 is able to address this issue. The patch is identified as c58b8f081986aaf2a312d73a0a17985518b47fe6. It is recommended to upgrade the affected component.
Published: 2025-08-10T10:32:08.617Z
Updated: 2025-08-15T13:44:03.739Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-8804 vulnerable 2026-06-08 07:45:21.164013 Open5GS AMF ngap_build_downlink_nas_transport assertion
MEDIUM (5.3)
A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ngap_build_downlink_nas_transport of the component AMF. The manipulation leads to reachable assertion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.7.6 is able to address this issue. The identifier of the patch is bca0a7b6e01d254f4223b83831162566d4626428. It is recommended to upgrade the affected component.
Published: 2025-08-10T10:02:08.574Z
Updated: 2025-08-15T13:44:07.710Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-8803 vulnerable 2026-06-08 07:45:21.163477 Open5GS AMF gmm-sm.c gmm_state_exception denial of service
MEDIUM (5.3)
A vulnerability has been found in Open5GS up to 2.7.5. Affected is the function gmm_state_de_registered/gmm_state_exception of the file src/amf/gmm-sm.c of the component AMF. The manipulation leads to denial of service. It is possible to launch the attack remotely. Upgrading to version 2.7.6 is able to address this issue. The name of the patch is 1f30edac27f69f61cff50162e980fe58fdeb30ca. It is recommended to upgrade the affected component.
Published: 2025-08-10T09:32:07.220Z
Updated: 2025-08-15T16:14:20.905Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-8802 vulnerable 2026-06-08 07:45:21.162966 Open5GS SMF smf-sm.c smf_state_operational denial of service
MEDIUM (5.3)
A vulnerability was determined in Open5GS up to 2.7.5. This vulnerability affects the function smf_state_operational of the file src/smf/smf-sm.c of the component SMF. The manipulation of the argument stream leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version v2.7.6 is able to address this issue. The patch is identified as f168f7586a4fa536cee95ae60ac437d997f15b97. It is recommended to upgrade the affected component.
Published: 2025-08-10T09:02:07.285Z
Updated: 2025-08-15T13:43:59.382Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-8801 vulnerable 2026-06-08 07:45:21.162441 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-8800 vulnerable 2026-06-08 07:45:21.162033 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-8799 vulnerable 2026-06-08 07:45:21.161486 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-8698 vulnerable 2026-06-08 07:45:20.995219 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-7485 vulnerable 2026-06-08 07:45:17.503315 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-6952 vulnerable 2026-06-08 07:43:16.719856 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-5935 vulnerable 2026-06-08 07:37:26.102548 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-5520 vulnerable 2026-06-08 07:37:25.081485 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-5501 vulnerable 2026-06-08 07:37:24.964576 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-1925 vulnerable 2026-06-08 07:08:38.479587 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-1893 vulnerable 2026-06-08 07:08:38.429756 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.