Home > Vulnerability Database > CVE-2026-1522

Mend.io Vulnerability Database

CVE-2026-1522

Good to know:

Date: January 28, 2026

A weakness has been identified in Open5GS up to 2.7.6. This vulnerability affects the function sgwc_s5c_handle_modify_bearer_response of the file src/sgwc/s5c-handler.c of the component SGWC. Executing a manipulation can lead to denial of service. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks. This patch is called b19cf6a. Applying a patch is advised to resolve this issue. The issue report is flagged as already-fixed.

Severity Score

5.3

Related Resources (9)

Url: https://nvd.nist.gov/vuln/detail/CVE-2026-1522

Url: https://github.com/open5gs/open5gs/issues/4266

Url: https://vuldb.com/?id.343193

Url: https://vuldb.com/?ctiid.343193

Url: https://github.com/open5gs/open5gs/commit/b19cf6a

Url: https://vuldb.com/?submit.738371

Url: https://github.com/open5gs/open5gs/issues/4266#issue-3794991595

Url: https://github.com/open5gs/open5gs/issues/4266#event-21968568116

Url: https://www.mend.io/vulnerability-database/CVE-2026-1522

Severity Score

5.3

Weakness Type (CWE)

Improper Resource Shutdown or Release

CWE-404

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

CVSS v2

Base Score:	5.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2026-1522

Good to know:

Date: January 28, 2026

Severity Score

Related Resources (9)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?