Session Management Function Vulnerability in free5GC 5G Mobile Core Network
CVE-2026-26024

6.6 MEDIUM

Key Information:

Vendor: Free5gc

Status
Vendor
CVE Published: 24 February 2026

What is CVE-2026-26024?

The Session Management Function (SMF) of free5GC, an open-source project for 5G mobile core networks, has a critical issue: it panics and terminates when it receives a malformed PFCP SessionReportRequest on the PFCP (UDP/8805) interface. Versions up to and including 1.4.1 are affected. There is currently no known upstream fix. As a mitigation, users can apply access control lists or firewall rules that limit access to the PFCP interface to trusted User Plane Function (UPF) IPs, which reduces the risk of spoofing and abuse. Inspecting and dropping malformed PFCP messages at the network edge can also be practical, as can wrapping the PFCP handler dispatch in recovery functions so that a panic does not terminate the whole process.
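The last two mitigations in the paragraph above (dropping malformed PFCP messages and wrapping handler dispatch in recovery), as an added Go sketch that is not free5GC code. `checkPFCP`, `SafeDispatch` and the handler signature are hypothetical names, the sample bytes are constructed, and the checks are generic structural ones based on the 3GPP TS 29.244 header layout, because the advisory does not say what the malformation is.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// checkPFCP does structural checks only (TS 29.244 header layout):
// version 1, declared length matches the datagram, IE TLVs stay in bounds.
func checkPFCP(b []byte) error {
	if len(b) < 8 || b[0]>>5 != 1 {
		return errors.New("short header or bad version")
	}
	if int(binary.BigEndian.Uint16(b[2:4]))+4 != len(b) {
		return errors.New("length field does not match datagram")
	}
	off := 8 // flags, type, length, 3-byte sequence number, spare
	if b[0]&0x01 == 1 {
		off = 16 // S flag set: 8-byte SEID precedes the sequence number
	}
	for off+4 <= len(b) { // each IE: 2-byte type, 2-byte length, value
		off += 4 + int(binary.BigEndian.Uint16(b[off+2:off+4]))
	}
	if off != len(b) {
		return errors.New("header or IE overruns or is truncated")
	}
	return nil
}

// SafeDispatch validates msg, then runs h (a hypothetical handler, not
// free5GC's real signature) under recover, so a panic in one handler is
// returned as an error instead of terminating the process.
func SafeDispatch(h func([]byte) error, msg []byte) (err error) {
	defer func() {
		if r := recover(); r != nil {
			err = fmt.Errorf("pfcp handler panic: %v", r)
		}
	}()
	if err = checkPFCP(msg); err != nil {
		return err
	}
	return h(msg)
}

func main() {
	// Constructed sample: Session Report Request (type 56), S=1, no IEs.
	msg := []byte{0x21, 56, 0, 12, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 1, 0}
	fmt.Println(SafeDispatch(func([]byte) error { panic("boom") }, msg))
}
```

`recover` only catches a panic raised in the goroutine that deferred it, so the wrapper has to sit in the goroutine that actually runs the handler.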

Affected Version(s)

smf <= 1.4.1

CVSS V4

Score: 6.6
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved
