Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.9
Free5GC Can Be Crashed by Malicious Input in AMF Component
CVE-2026-4531
Summary
Free5GC's AMF component is vulnerable to a denial-of-service attack. An attacker can send malicious input to the HandleRegistrationComplete function, potentially causing the system to crash. To fix this issue, apply the provided patch to your Free5GC 4.1.0 installation.
Original title
A weakness has been identified in Free5GC 4.1.0. Affected is the function HandleRegistrationComplete of the file internal/gmm/handler.go of the component AMF. Executing a manipulation can lead to d...
Original description
A weakness has been identified in Free5GC 4.1.0. Affected is the function HandleRegistrationComplete of the file internal/gmm/handler.go of the component AMF. Executing a manipulation can lead to denial of service. The attack may be performed from remote. This patch is called 52e9386401ce56ea773c5aa587d4cdf7d53da799. It is best practice to apply a patch to resolve this issue.
nvd CVSS2.0
5.0
nvd CVSS3.1
5.3
nvd CVSS4.0
6.9
Vulnerability type
CWE-404
Published: 22 Mar 2026 · Updated: 22 Mar 2026 · First seen: 22 Mar 2026