PatchSiren cyber security CVE debrief
CVE-2026-8222 Vuldb CVE debrief
CVE-2026-8222 describes a remotely reachable denial-of-service condition in Open5GS affecting the sm-policies endpoint. The issue is reported in pcf_nbsf_management_handle_register within src/pcf/nbsf-handler.c, and the source description says the exploit was publicly disclosed. The same source also states the project was informed early via an issue report but had not responded at the time of publication.
- Vendor: Vuldb
- Product: Unknown
- CVSS: MEDIUM 5.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-05-10
- Original CVE updated: 2026-05-10
- Advisory published: 2026-05-10
- Advisory updated: 2026-05-10
Who should care
Operators and maintainers running Open5GS deployments, especially environments exposing the sm-policies endpoint, should treat this as an availability risk. Service owners should also care if Open5GS is part of a production mobile core or lab environment that must remain reachable and stable.
Technical summary
The supplied record reports a flaw in Open5GS up to version 2.7.7 in the sm-policies endpoint handling path. The affected function is pcf_nbsf_management_handle_register in src/pcf/nbsf-handler.c. The listed impact is denial of service from a remote attacker, with no privileges or user interaction indicated in the provided CVSS vector. NVD metadata shows CVSS 4.0 AV:N/AC:L/AT:N/PR:N/UI:N with availability impact only (VA:L), which is consistent with a network-reachable service disruption rather than a confidentiality or integrity issue.
Defensive priority
Medium
Recommended defensive actions
- Inventory Open5GS deployments and identify any systems running version 2.7.7 or earlier.
- Review whether the sm-policies endpoint is exposed to untrusted networks and restrict access where possible.
- Monitor Open5GS project and NVD records for a fixed release or vendor guidance.
- Apply vendor updates or upgrade to a non-affected version as soon as an official fix is available.
- Add availability monitoring and alerting around Open5GS PCF-related services to detect abnormal failures or restarts.
- If immediate remediation is not possible, reduce exposure with network segmentation, access controls, and rate limiting around the affected service path.
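One way to carry out the inventory step above, as an added example that is not part of the original debrief or of Open5GS. It assumes versions are collected as plain release strings or git-describe strings; the hostnames, sample versions and status labels are constructed for illustration.

```python
import re

# Last affected release as stated in this debrief ("up to version 2.7.7").
LAST_AFFECTED = (2, 7, 7)

# Assumed formats: "2.7.7", "v2.7.7", or git-describe "v2.7.2-15-gabc1234".
VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:-(\d+)-g[0-9a-f]+)?$")


def classify(version_text):
    """Return 'affected', 'review', 'outside-range' or 'unknown'."""
    m = VERSION_RE.match(version_text.strip())
    if not m:
        return "unknown"  # unreadable version: never assume it is safe
    release = tuple(int(m.group(i)) for i in (1, 2, 3))
    commits_past_tag = int(m.group(4) or 0)
    if release < LAST_AFFECTED:
        return "affected"
    if release == LAST_AFFECTED:
        # A source build past the 2.7.7 tag may or may not carry a fix;
        # the debrief names no fixed release, so it needs a manual look.
        return "review" if commits_past_tag else "affected"
    return "outside-range"  # newer than the reported range, not proven fixed


def triage(inventory):
    """Group (host, version) pairs by classification."""
    groups = {"affected": [], "review": [], "outside-range": [], "unknown": []}
    for host, version in inventory:
        groups[classify(version)].append(host)
    return groups


# Constructed sample inventory; hostnames and versions are illustrative only.
SAMPLE_INVENTORY = [
    ("pcf-lab-01", "v2.7.7"),
    ("pcf-lab-02", "2.6.4"),
    ("pcf-prod-01", "v2.7.2-15-gabc1234"),
    ("pcf-prod-02", "v2.7.7-3-g0123abc"),
    ("pcf-test-01", "v2.8.0"),
    ("pcf-test-02", "custom-build"),
]

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status:14} {', '.join(hosts) or '-'}")
```

Hosts in the "review" and "unknown" groups should be handled like affected ones until the build is confirmed, since the record names no fixed release.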
Evidence notes
Claims in this debrief are limited to the supplied NVD-derived record and its listed references. The affected component, function name, version range, remote DoS impact, and public-disclosure context come from the source description and metadata. CVSS context is taken from the supplied CVSS 4.0 vector in the record. No exploit technique, reproduction detail, or unverified fix information is included.
Official resources
The supplied description states that the exploit has been disclosed publicly and that the project was informed early through an issue report, but had not responded yet at the time of the source record.