Detections
Analytics

CVE-2026-5661

medium

Description

A vulnerability was identified in Free5GC 4.2.0. This affects an unknown function of the component NGSetupRequest Handler. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit is publicly available and might be used.

References

https://vuldb.com/vuln/355485/cti

https://vuldb.com/vuln/355485

https://vuldb.com/submit/785896

https://github.com/user-attachments/files/25581199/amfcfg.yaml

https://github.com/free5gc/free5gc/issues/832

https://github.com/free5gc/free5gc/

https://github.com/free5gc/amf/pull/201

Details

Source: Mitre, NVD

Published: 2026-04-06

Updated: 2026-04-06

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 5.3

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Severity: Medium

CVSS v4

Base Score: 6.9

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Severity: Medium