A vulnerability was found in Open5GS up to 2.7.7 and classified as problematic . This affects the function gsm_build_pdu_session_establishment_accept of the file /src/smf/gsm-build.c of the component SMF . The manipulation results in denial of service. This vulnerability is reported as CVE-2026-8266 . The attack can be launched remotely. Moreover, an exploit is present. The project was informed of the problem early through an issue report but has not responded yet.