PatchSiren cyber security CVE debrief
CVE-2026-8744 Open5gs CVE debrief
CVE-2026-8744 affects Open5GS NRF logic in /lib/sbi/context.c and can be triggered remotely to cause denial of service. The CVE description ties the issue to ogs_sbi_subscription_data_add and ogs_sbi_nf_service_add, and states that a public exploit disclosure exists. Even though the assigned CVSS score is low, exposed Open5GS NRF deployments should treat this as a real operational risk because availability failures in core signaling services can be disruptive.
- Vendor
- Open5gs
- Product
- Unknown
- CVSS
- LOW 2.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-05-17
- Original CVE updated
- 2026-05-18
- Advisory published
- 2026-05-17
- Advisory updated
- 2026-05-18
Who should care
Open5GS operators, especially teams running the NRF component; telecom and 5G core administrators; distro/package maintainers shipping Open5GS; incident responders monitoring service availability.
Technical summary
The supplied CVE record describes a vulnerability in Open5GS up to version 2.7.7. The affected code is in the NRF component’s /lib/sbi/context.c path, specifically the ogs_sbi_subscription_data_add and ogs_sbi_nf_service_add functions. A remote attacker can manipulate inputs in a way that leads to denial of service. The record also points to patch commit 819db11a08b9736a3576c4f99ceb28f7eb99523a and links related issue and pull request references in the Open5GS repository.
Defensive priority
Moderate for any exposed Open5GS NRF deployment; lower urgency only if the component is tightly isolated and already patched.
Recommended defensive actions
- Apply the referenced Open5GS fix by updating to a release that includes commit 819db11a08b9736a3576c4f99ceb28f7eb99523a, or backport that patch into your current build.
- Confirm whether your deployment is running Open5GS up to 2.7.7 and inventory any NRF instances using the affected code path.
- Prioritize patching internet-facing or cross-trust NRF deployments first, since the CVE is remotely reachable and publicly disclosed.
- After remediation, validate NRF stability and review logs for unexpected service interruptions or repeated request patterns.
- Track vendor/package advisories for a fixed release if you rely on downstream builds rather than source commits.
Evidence notes
The source corpus is the NVD CVE entry for CVE-2026-8744, which records Open5GS as the affected project and includes references to the Open5GS repository, the patch commit 819db11a08b9736a3576c4f99ceb28f7eb99523a, issue references 4465 and 4466, and pull request 4534. The CVE description supplied in the corpus states the issue affects Open5GS up to 2.7.7, is remotely reachable, can cause denial of service, and has publicly disclosed exploit material. Timing context is based on the supplied CVE published/modified timestamps of 2026-05-17T10:16:36.730Z.
Official resources
-
CVE-2026-8744 CVE record
CVE.org
-
CVE-2026-8744 NVD detail
NVD
-
Source item URL
nvd_modified
-
Source reference
[email protected] - Product
-
Mitigation or vendor reference
[email protected] - Patch
-
Source reference
[email protected] - Exploit, Issue Tracking
-
Source reference
[email protected] - Exploit, Issue Tracking
-
Mitigation or vendor reference
[email protected] - Issue Tracking, Patch
-
Mitigation or vendor reference
[email protected] - Third Party Advisory, VDB Entry
-
Mitigation or vendor reference
[email protected] - Third Party Advisory, VDB Entry
Published on 2026-05-17. The supplied CVE description says exploit material has been publicly disclosed and may be utilized. No KEV entry was provided in the source corpus.