What is CVE-2026-5360?

CVE-2026-5360 is a low-severity vulnerability in Free5gc, classified under Access of Resource Using Incompatible Type (Type Confusion). CVSS score: 3.7/10. Published 2026-04-02.

How severe is CVE-2026-5360?

Low severity. CVSS v3 base score is 3.7 out of 10.

Vulnerability in Free5gc

CVE-2026-5360

A vulnerability has been found in Free5GC 4.2.0. The affected element is an unknown function of the component aper. Such manipulation leads to type confusion. The attack may be launched remotely. This attack is characterized by high comple…

EPSS: 0.001 (22.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.7 (Low). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L.

Affected products

Free5gc — versions 4.2.0
N/a Free5gc — versions 4.2.0

Weakness classification (CWE)

CWE-843 — Access of Resource Using Incompatible Type (Type Confusion)

References

VDB-354735 | Free5GC aper type confusion (Third Party Advisory, VDB Entry, vdb-entry)
VDB-354735 | CTI Indicators (IOB, IOC) (signature, Permissions Required, permissions-required, VDB Entry)
Submit #781573 | Linux Foundation free5GC 4.2.0 Type Confusion (Third Party Advisory, VDB Entry, third-party-advisory)
cna@vuldb.com (issue-tracking, Issue Tracking)
cna@vuldb.com (issue-tracking, Patch, patch, Issue Tracking)
cna@vuldb.com (issue-tracking, exploit, Issue Tracking)
cna@vuldb.com (Patch, patch)
cna@vuldb.com (Product, product)

Frequently asked questions

What is CVE-2026-5360?: CVE-2026-5360 is a low-severity vulnerability in Free5gc, classified under Access of Resource Using Incompatible Type (Type Confusion). CVSS score: 3.7/10. Published 2026-04-02.
How severe is CVE-2026-5360?: Low severity. CVSS v3 base score is 3.7 out of 10.