Vulnerability in Free5gc Nrf

CVE-2026-33062

free5GC is an open source 5G core network. free5GC NRF prior to version 1.4.2 has an Improper Input Validation vulnerability leading to Denial of Service. All deployments of free5GC using the NRF discovery service are affected. The `Encode…

EPSS: 0.001 (25.1th percentile) — read the EPSS interpretation.

Affected products

Free5gc Nrf — versions < 1.4.2

Weakness classification (CWE)

CWE-284 — Improper Access Control

References

https://github.com/free5gc/free5gc/security/advisories/GHSA-7c47-xr7q-p6hg (x_refsource_CONFIRM)
https://github.com/free5gc/free5gc/issues/777 (x_refsource_MISC)
https://github.com/free5gc/nrf/pull/80 (x_refsource_MISC)
https://github.com/free5gc/nrf/commit/dac77d8f8f2e0f041c5634fb3c685dcb9734b872 (x_refsource_MISC)