CVE-2026-7707
Published: Sun, 03 May 2026 23:16
Summary
A vulnerability was found in Open5GS up to 2.7.7. Impacted is the function udr_nudr_dr_handle_subscription_context of the file /src/udr/nudr-handler.c of the component UDR. The manipulation of the arg
Details
A vulnerability was found in Open5GS up to 2.7.7. Impacted is the function udr_nudr_dr_handle_subscription_context of the file /src/udr/nudr-handler.c of the component UDR. The manipulation of the argument pei results in denial of service. The attack can be launched remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.
Are YOU affected by CVE-2026-7707?
5-second check on your actual server. Reads /etc/os-release, uname -r, and dpkg-query; matches against the live USN + Debian Security Tracker feeds; tells you whether CVE-2026-7707 (and any other live CVE) applies. Anonymous, no signup.
curl https://mindsparkstack.com/scan.sh | bash
References
- https://github.com/open5gs/open5gs/
- https://github.com/open5gs/open5gs/issues/4410
- https://github.com/open5gs/open5gs/issues/4411
- https://vuldb.com/submit/805699
- https://vuldb.com/submit/805700
- https://vuldb.com/vuln/360883
- https://vuldb.com/vuln/360883/cti
- https://github.com/open5gs/open5gs/issues/4410
- https://vuldb.com/submit/805699
- https://vuldb.com/submit/805700
StackPatch runs this match against YOUR installed packages every hour
Free 1-server / $99 lifetime founder seat (50 only) / $19+/mo monthly. Indie pricing.