PatchSiren

CVE-2026-8730 Open5gs CVE debrief

CVE-2026-8730 is a low-severity denial-of-service issue in Open5GS’s NRF component. According to the published record, manipulating the nfInstanceId argument in ogs_sbi_nf_instance_set_id can disrupt service remotely, and an exploit has already been published. The issue is reported to affect Open5GS up to version 2.7.6.

Vendor: Open5gs
Product: Unknown
CVSS: LOW 2.1
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-17
Original CVE updated: 2026-05-19
Advisory published: 2026-05-17
Advisory updated: 2026-05-19

Who should care

Operators and integrators running Open5GS NRF services, especially deployments exposed to untrusted or remote clients, should review this issue. It is also relevant to teams that rely on Open5GS for mobile core infrastructure availability.

Technical summary

The flaw is described in /lib/sbi/context.c within the NRF component, specifically in ogs_sbi_nf_instance_set_id. A crafted or manipulated nfInstanceId value can lead to denial of service over the network. The source record maps the issue to CWE-404 and lists the impact primarily as availability loss.

Defensive priority

Low to medium. The CVSS score is low, but remote reachability and a published exploit raise operational urgency for exposed NRF deployments.

Recommended defensive actions

  • Confirm whether your Open5GS deployment includes the NRF component and whether it is reachable from untrusted networks.
  • Inventory versions and treat Open5GS up to 2.7.6 as potentially affected based on the published record.
  • Monitor vendor and project channels for an official fix or advisory update.
  • Review access controls and network exposure around NRF endpoints to reduce remote attack surface.
  • If you cannot patch immediately, increase monitoring for availability disruptions affecting NRF services.

Evidence notes

This debrief is based on the supplied NVD record and its cited references, including the Open5GS repository and issue link. The source description states that the flaw affects Open5GS up to 2.7.6, that it is reachable remotely, and that an exploit has been published. The vendor attribution in the source data is weak/uncertain, so the product framing is kept limited to the referenced Open5GS project.

Official resources

CVE published: 2026-05-17T05:16:16.570Z. Source record modified at the same timestamp. The source description says the project was informed early through an issue report and had not responded yet at the time of publication.