Cyber Posture

CVE-2026-2522

Medium · Public PoC

Published: 16 February 2026

Modified: 18 February 2026
KEV Added
Patch
CVSS Score: 5.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
EPSS Score: 0.0012 (30.2th percentile)
Risk Priority: 11 (60% EPSS · 20% KEV · 20% CVSS)

Description

A security vulnerability has been detected in Open5GS up to 2.7.6. Impacted is an unknown function of the file /src/mme/esm-build.c of the component MME. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet.

Mitigating Controls (NIST 800-53 r5) · AI

prevent

Provides memory protection safeguards that directly mitigate memory corruption vulnerabilities like CWE-119 in the MME component by preventing unauthorized code execution or modification.

prevent

Mandates timely flaw remediation through patching unpatched vulnerabilities such as CVE-2026-2522 in Open5GS to eliminate the memory corruption risk.

prevent

Implements denial-of-service protections to limit the impact of remote unauthenticated exploits causing service crashes via memory corruption.

Security Summary · AI

CVE-2026-2522 is a memory corruption vulnerability (CWE-119) affecting Open5GS versions up to 2.7.6, specifically an unknown function in the file /src/mme/esm-build.c within the MME component. Assigned a CVSS v3.1 base score of 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L), the issue enables manipulation that disrupts availability through memory corruption.

The vulnerability can be exploited remotely by unauthenticated attackers with no privileges required, low attack complexity, and no user interaction needed. Successful exploitation results in limited denial-of-service impact, such as service crashes or disruptions due to memory corruption, without affecting confidentiality or integrity.

References, including GitHub issues #4283 and related comments in the Open5GS repository, indicate the project was notified early via an issue report but has not yet responded or issued patches. VulDB entries confirm public disclosure of the exploit, which may be actively used by attackers. No mitigations or fixes are currently available from the vendor.

Details

CWE(s)

Affected Products

open5gs
open5gs
≤ 2.7.6

MITRE ATT&CK Enterprise Techniques · AI

T1499.004 Application or System Exploitation · Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

The vulnerability allows remote unauthenticated attackers to cause denial-of-service via memory corruption in the Open5GS MME service, directly mapping to application exploitation for endpoint DoS.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References