CVE-2025-15528

5.3 MEDIUM
Published: January 16, 2026 Modified: February 23, 2026
View on NVD

Description

A vulnerability has been found in Open5GS up to 2.7.6. Affected by this vulnerability is an unknown functionality of the component GTPv2 Bearer Response Handler. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 98f76e98df35cd6a35e868aa62715db7f8141ac1. A patch should be applied to remediate this issue.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://github.com/open5gs/open5gs/
Source: cna@vuldb.com
https://github.com/open5gs/open5gs/commit/98f76e98df35cd6a35e868aa62715db7f8141ac1
Source: cna@vuldb.com
Patch
https://github.com/open5gs/open5gs/issues/4225
Source: cna@vuldb.com
Exploit Issue Tracking Vendor Advisory
https://github.com/open5gs/open5gs/issues/4225#issue-3769531006
Source: cna@vuldb.com
Exploit Issue Tracking Vendor Advisory
https://vuldb.com/?ctiid.341595
Source: cna@vuldb.com
Permissions Required VDB Entry
https://vuldb.com/?id.341595
Source: cna@vuldb.com
Third Party Advisory VDB Entry
https://vuldb.com/?submit.728128
Source: cna@vuldb.com
Third Party Advisory VDB Entry
https://vuldb.com/?submit.729359
Source: cna@vuldb.com
https://vuldb.com/?submit.729360
Source: cna@vuldb.com
https://vuldb.com/?submit.738373
Source: cna@vuldb.com

10 reference(s) from NVD

Quick Stats

CVSS v3 Score
5.3 / 10.0
EPSS (Exploit Probability)
0.1%
22th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-404

Affected Vendors

open5gs

Related CVEs

CVE-2026-4590 3.1
CVE-2026-4404 N/A
CVE-2026-33485 7.5
CVE-2026-33483 7.5
CVE-2026-33482 8.1