Home > Vulnerability Database > CVE-2025-15532

Mend.io Vulnerability Database

CVE-2025-15532

Good to know:

Date: January 17, 2026

A security flaw has been discovered in Open5GS up to 2.7.5. This issue affects some unknown processing of the component Timer Handler. The manipulation results in resource consumption. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The patch is identified as c7c131f8d2cb1195ada5e0e691b6868ebcd8a845. It is best practice to apply a patch to resolve this issue.

Severity Score

5.3

Related Resources (10)

Url: https://github.com/open5gs/open5gs/issues/4220#issue-3766066853

Url: https://github.com/open5gs/open5gs/issues/4221

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-15532

Url: https://github.com/open5gs/open5gs/commit/c7c131f8d2cb1195ada5e0e691b6868ebcd8a845

Url: https://vuldb.com/?id.341599

Url: https://vuldb.com/?submit.729357

Url: https://vuldb.com/?ctiid.341599

Url: https://github.com/open5gs/open5gs/issues/4220

Url: https://vuldb.com/?submit.729354

Url: https://www.mend.io/vulnerability-database/CVE-2025-15532

Severity Score

5.3

Weakness Type (CWE)

Improper Resource Shutdown or Release

CWE-404

Uncontrolled Resource Consumption

CWE-400

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

CVSS v2

Base Score:	5.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2025-15532

Good to know:

Date: January 17, 2026

Severity Score

Related Resources (10)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?