{"id":"CVE-2026-14618","summary":"Open5GS AMF nnrf-handler.c amf_nnrf_handle_nf_discover denial of service","details":"A vulnerability was detected in Open5GS up to 2.7.7. Affected by this vulnerability is the function amf_nnrf_handle_nf_discover of the file src/amf/nnrf-handler.c of the component AMF. The manipulation results in denial of service. The attack may be launched remotely. The exploit is now public and may be used. The patch is identified as fb5f67703de0213fb9c6e6ef3b48b6c1707e9503. It is best practice to apply a patch to resolve this issue.","modified":"2026-07-15T20:32:06.380615Z","published":"2026-07-04T06:00:09.970Z","database_specific":{"cna_assigner":"VulDB","cwe_ids":["CWE-404"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/14xxx/CVE-2026-14618.json","unresolved_ranges":[{"extracted_events":[{"introduced":"2.7.3"},{"last_affected":"2.7.3"},{"introduced":"2.7.4"},{"last_affected":"2.7.4"}],"source":"AFFECTED_FIELD"}]},"references":[{"type":"WEB","url":"https://github.com/open5gs/open5gs/"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/14xxx/CVE-2026-14618.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-14618"},{"type":"ADVISORY","url":"https://vuldb.com/cve/CVE-2026-14618"},{"type":"ADVISORY","url":"https://vuldb.com/submit/844824"},{"type":"ADVISORY","url":"https://vuldb.com/vuln/376135"},{"type":"REPORT","url":"https://github.com/open5gs/open5gs/issues/4517"},{"type":"REPORT","url":"https://github.com/open5gs/open5gs/issues/4517#issuecomment-4589606265"},{"type":"REPORT","url":"https://vuldb.com/vuln/376135/cti"},{"type":"FIX","url":"https://github.com/ferrancanellas/open5gs/commit/fb5f67703de0213fb9c6e6ef3b48b6c1707e9503"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ferrancanellas/open5gs","events":[{"introduced":"0"},{"fixed":"fb5f67703de0213fb9c6e6ef3b48b6c1707e9503"}],"database_specific":{"source":"REFERENCES"}},{"type":"GIT","repo":"https://github.com/open5gs/open5gs","events":[{"introduced":"83e35bb2de7e67646fdba849580184422b10006a"},{"last_affected":"318eeb49a7dcdff733dec60e02d9c60aefca2fb9"}],"database_specific":{"extracted_events":[{"introduced":"2.7.0"},{"last_affected":"2.7.0"},{"introduced":"2.7.1"},{"last_affected":"2.7.1"},{"introduced":"2.7.2"},{"last_affected":"2.7.2"},{"introduced":"2.7.5"},{"last_affected":"2.7.5"},{"introduced":"2.7.6"},{"last_affected":"2.7.6"},{"introduced":"2.7.7"},{"last_affected":"2.7.7"}],"source":"AFFECTED_FIELD"}}],"versions":["2.7.0","2.7.1","2.7.2","2.7.5","2.7.6","2.7.7","v2.7.7","v2.7.2","v2.7.1","v2.7.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-14618.json","vanir_signatures_modified":"2026-07-15T20:32:06Z","vanir_signatures":[{"target":{"file":"src/amf/nnrf-handler.c"},"deprecated":false,"digest":{"line_hashes":["35511486027136567140912872645359814233","277787368761806272593061346502897317219","220875080607785509674374129760578810450","32513599093208623380068313232022504263","318888042328657968951925711515882586614","188867816864146622733536750260229891926","228340014219486784761646283968947641223","322187844324433449683830270923260846501","9719669296082476449264085730364527544","151523735742662310263602163065819991596","126268763002383954517762244861563848558","312310810970972713920994562981978612592","105833243667702633266751197752826700868","153928344020146367483346799346028947397","223636038583202380014230133143858664746","126721040058264043287876085985826487934","128147253359087901126673395437176127878","51909030929943861244280044178431587713","70476095015625546984486070578040078654","177534433220538632605653567225476256405","282488836650575543161800974652707303398","165313352705454850714865132544221416698","75257696414839944806979342633967054362","156484763211412816625013940397306949219","30752856504658519647809440437449984368","178726748302376544967661559221052219550"],"threshold":0.9},"id":"CVE-2026-14618-0fb9b0ac","signature_type":"Line","signature_version":"v1","source":"https://github.com/ferrancanellas/open5gs/commit/fb5f67703de0213fb9c6e6ef3b48b6c1707e9503"},{"deprecated":false,"digest":{"function_hash":"160433884742421136587568768308375675852","length":2966},"id":"CVE-2026-14618-11cb92da","signature_type":"Function","signature_version":"v1","source":"https://github.com/ferrancanellas/open5gs/commit/fb5f67703de0213fb9c6e6ef3b48b6c1707e9503","target":{"file":"src/amf/nnrf-handler.c","function":"amf_nnrf_handle_nf_discover"}},{"digest":{"function_hash":"242888857231980047421843416279902073420","length":986},"id":"CVE-2026-14618-356d0d39","signature_type":"Function","signature_version":"v1","source":"https://github.com/ferrancanellas/open5gs/commit/fb5f67703de0213fb9c6e6ef3b48b6c1707e9503","target":{"file":"src/amf/nnrf-handler.c","function":"amf_nnrf_handle_failed_amf_discovery"},"deprecated":false}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"}]}