PatchSiren

CVE-2026-8731 Open5gs CVE debrief

CVE-2026-8731 describes a denial-of-service flaw in Open5GS’s NRF component, specifically in ogs_sbi_client_add within lib/sbi/client.c. The issue is reported as remotely reachable, publicly disclosed, and tied to manipulation of client_pool, with the supplied NVD record assigning CWE-404 and a low CVSS 4.0 score of 2.1.

Vendor: Open5gs
Product: Unknown
CVSS: LOW 2.1
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-17
Original CVE updated: 2026-05-18
Advisory published: 2026-05-17
Advisory updated: 2026-05-18

Who should care

Operators and integrators running Open5GS, especially in environments that expose NRF/SBI interfaces or allow low-privileged access paths. Telecom core teams and service providers should also track it because the impact is availability-focused and the issue is publicly disclosed.

Technical summary

The supplied CVE data says that altering the client_pool argument in ogs_sbi_client_add can lead to denial of service in Open5GS NRF. NVD metadata marks the record as Received and includes a CVSS v4.0 vector with network reachability, low attack complexity, low privileges, no user interaction, and availability impact, along with CWE-404.

Defensive priority

Moderate for exposed Open5GS deployments. Although the CVSS score is low, the issue affects a core network-facing function and has a public disclosure, so environments using NRF should validate exposure and track remediation promptly.

Recommended defensive actions

  • Inventory Open5GS deployments and confirm whether any instance is running version 2.7.7 or earlier.
  • Check whether NRF/SBI access is exposed to untrusted networks or low-privileged users.
  • Restrict and segment access to NRF and related SBI interfaces until a fix is available.
  • Monitor upstream Open5GS issue 4464 and the NVD/CVE records for patch or remediation updates.
  • Apply vendor or project updates as soon as a fixed release is published.
  • Watch for abnormal NRF behavior or repeated service interruption indicators in logs and monitoring systems.
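
The first three actions can be combined into one triage pass over a deployment inventory. The sketch below is an added example, not code from Open5GS or from the advisory; the inventory fields (host, version, nrf_sbi_bind) and the sample records are constructed for illustration, and only the 2.7.7 threshold comes from this page.

```python
import ipaddress
import re

# Upper bound of the range named in this debrief ("version 2.7.7 or earlier").
LAST_LISTED = (2, 7, 7)

def parse_version(text):
    """Return (major, minor, patch) from 'v2.7.7' or '2.7.6-14-gabc1234'.
    Any suffix after the patch number is ignored; None if unparseable."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", text.strip())
    return tuple(int(p) for p in m.groups()) if m else None

def is_exposed(bind_addr):
    """Anything other than a loopback bind is treated as reachable off-host.
    An unparseable address is assumed exposed (fail toward caution)."""
    try:
        return not ipaddress.ip_address(bind_addr).is_loopback
    except ValueError:
        return True

def triage(inventory):
    """Map each host to one of:
    restrict-now          in the listed range, NRF SBI reachable off-host
    track-fix             in the listed range, loopback only
    outside-stated-range  newer than 2.7.7; the page names no fixed release
    unknown               version could not be parsed, check by hand"""
    results = {}
    for rec in inventory:
        ver = parse_version(rec["version"])
        if ver is None:
            results[rec["host"]] = "unknown"
        elif ver > LAST_LISTED:
            results[rec["host"]] = "outside-stated-range"
        elif is_exposed(rec["nrf_sbi_bind"]):
            results[rec["host"]] = "restrict-now"
        else:
            results[rec["host"]] = "track-fix"
    return results

# Constructed sample inventory (hypothetical hosts and field names).
SAMPLE = [
    {"host": "core-a", "version": "v2.7.7", "nrf_sbi_bind": "0.0.0.0"},
    {"host": "core-b", "version": "2.7.6-14-gabc1234", "nrf_sbi_bind": "127.0.0.10"},
    {"host": "lab-c", "version": "2.8.0", "nrf_sbi_bind": "10.20.0.5"},
    {"host": "lab-d", "version": "unknown", "nrf_sbi_bind": "::"},
]

if __name__ == "__main__":
    for host, verdict in triage(SAMPLE).items():
        print(f"{host}: {verdict}")
```

A non-loopback bind only shows that the listener is reachable from other hosts; whether untrusted networks can reach it still depends on segmentation and firewall rules.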

Evidence notes

The supplied corpus links the issue to Open5GS via the upstream repository reference and GitHub issue 4464, while the NVD record shows the CVE as Received. The reported impact is denial of service in ogs_sbi_client_add (/lib/sbi/client.c) through manipulation of client_pool, with CWE-404 listed in the source metadata and a CVSS v4.0 score of 2.1/LOW.

Official resources

Publicly disclosed; the supplied description says the project was informed early via an issue report and had not responded yet at the time of the source.