CVE-2026-5360
Last modified
CVE-2026-5360 is a low-severity vulnerability rated 2.9/10 on the CVSS scale. A vulnerability has been found in Free5GC 4.2.0. The affected element is an unknown function of the component aper. EPSS estimates a 0.43% chance of exploitation in the next 30 days.
Description
A vulnerability has been found in Free5GC 4.2.0. The affected element is an unknown function of the component aper. Such manipulation leads to type confusion. The attack may be launched remotely. This attack is characterized by high complexity. The exploitability is described as difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 26205eb01705754b7b902ad6c4b613c96c881e29. It is best practice to apply a patch to resolve this issue.
Metrics
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Free5gc | Free5gc | 4.2.0 |
References
- https://github.com/free5gc/aper/pull/11Issue Tracking, Patch
- https://github.com/free5gc/free5gc/issues/831Issue Tracking
- https://vuldb.com/submit/781573Third Party Advisory, VDB Entry
- https://vuldb.com/vuln/354735Third Party Advisory, VDB Entry
- https://vuldb.com/vuln/354735/ctiPermissions Required, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2026-5360?
How severe is CVE-2026-5360?
How do I fix CVE-2026-5360?
Are you affected by CVE-2026-5360?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST