CVE-2026-2523

MediumPublic PoC

Published: 16 February 2026

Published

16 February 2026

Modified

18 February 2026

KEV Added

—

Patch

—

CVSS Score 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

EPSS Score 0.0012 30.3th percentile

Risk Priority 11 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-2523 is a medium-severity Reachable Assertion (CWE-617) vulnerability in Open5Gs Open5Gs. Its CVSS base score is 5.3 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked at the 30.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Threat & Defense at a Glance

What attackers do: exploitation maps to Application or System Exploitation (T1499.004).

Threat & Defense Details

MITRE ATT&CK Enterprise TechniquesAI

T1499.004 Application or System Exploitation Impact

Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.

attack.mitre.org →

Why these techniques?

Reachable assertion (CWE-617) in network-exposed SMF handler allows unauthenticated remote crash, directly matching application exploitation for endpoint DoS.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

A vulnerability was detected in Open5GS up to 2.7.6. The affected element is the function smf_gn_handle_create_pdp_context_request of the file /src/smf/gn-handler.c of the component SMF. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit…

is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

Deeper analysisAI

CVE-2026-2523 is a vulnerability in Open5GS versions up to 2.7.6, affecting the SMF component. Specifically, the issue resides in the function smf_gn_handle_create_pdp_context_request within the file /src/smf/gn-handler.c. The flaw leads to a reachable assertion, classified under CWE-617, with a CVSS v3.1 base score of 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L), indicating medium severity primarily due to low-impact availability disruption.

The vulnerability can be exploited remotely by unauthenticated attackers over the network with low complexity and no user interaction required. Successful exploitation triggers the assertion, resulting in a denial-of-service condition that impairs the availability of the affected SMF component.

References point to the Open5GS GitHub repository and issue #4285, where the project was informed early via an issue report but has not yet responded. No patches or official mitigations are mentioned in the available advisories from sources like VulDB. The exploit is public and may be used.

Notable context includes the public availability of the exploit, with no reported real-world exploitation at the time of publication on 2026-02-16.

Details

CWE(s): CWE-617

Affected Products

open5gs

≤ 2.7.6

CVEs Like This One

CVE-2025-15530Same product: Open5Gs Open5Gs

CVE-2026-2062Same product: Open5Gs Open5Gs

CVE-2026-2517Same product: Open5Gs Open5Gs

CVE-2024-56921Same product: Open5Gs Open5Gs

CVE-2024-24428Same product: Open5Gs Open5Gs

CVE-2024-34235Same product: Open5Gs Open5Gs

CVE-2025-15532Same product: Open5Gs Open5Gs

CVE-2026-4240Same product: Open5Gs Open5Gs

CVE-2025-15539Same product: Open5Gs Open5Gs

CVE-2025-1893Same product: Open5Gs Open5Gs

References

https://github.com/open5gs/open5gs/
Product · cna@vuldb.com
https://github.com/open5gs/open5gs/issues/4285
Exploit, Issue Tracking, Vendor Advisory · cna@vuldb.com
https://github.com/open5gs/open5gs/issues/4285#issue-3809055236
Exploit, Issue Tracking, Vendor Advisory · cna@vuldb.com
https://vuldb.com/?ctiid.346111
Permissions Required, VDB Entry · cna@vuldb.com
https://vuldb.com/?id.346111
Third Party Advisory, VDB Entry · cna@vuldb.com
https://vuldb.com/?submit.738342
Third Party Advisory, VDB Entry · cna@vuldb.com