CVE-2026-1976

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Free5GC versions prior to 4.1.1

Description A flaw exists in Free5GC up to version 4.1.0 within the SessionDeletionResponse function of the SMF component. This issue results in a null pointer dereference, potentially allowing for remote exploitation. The exploit for this issue has been publicly released.

Recommendations Install a patch to address this issue.

Exploit

Fix

Improper Resource Release

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-404CWE-476

Related Identifiers

CVE-2026-1976

Affected Products

Free5Gc

CVE-2026-1976

Weakness Enumeration

Related Identifiers

Affected Products

References · 12