CVE-2026-7518 | Open5GS up to 2.7.7 AMF SBI Endpoint sdmsubscription-notify amf_namf_callback_handle_sdm_data_change_notify changeItem.newValue denial of service (Issue 4395)

A vulnerability classified as problematic has been found in Open5GS up to 2.7.7. This issue affects the function amf_namf_callback_handle_sdm_data_change_notify of the file /namf-callback/v1/{id}/sdmsubscription-notify of the component AMF SBI Endpoint. This manipulation of the argument changeItem.newValue causes denial of service.

This vulnerability is handled as CVE-2026-7518. The attack can be initiated remotely. Additionally, an exploit exists.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-7518 | Open5GS up to 2.7.7 AMF SBI Endpoint sdmsubscription-notify amf_namf_callback_handle_sdm_data_change_notify changeItem.newValue denial of service (Issue 4395)

Post correlati

CVE-2024-57790 | IXON IXrouter IX2400 3.0 UART/SSH hard-coded password

CVE-2023-45841 | Buildroot 2023.08.1/622698d7847 code download (TALOS-2023-1844)

CVE-2025-11625 | wolfSSH 0/1.4.20 Host improper authentication

CVE-2025-5377 | Astun Technology iShare Maps 5.4.0 historic1.asp Zoom cross site scripting