Authorization Bypass in free5GC's NEF OAM Route Group
CVE-2026-44327

10 CRITICAL

Key Information:

Vendor

Free5gc

Status
Vendor
CVE Published: 27 May 2026

What is CVE-2026-44327?

free5GC's NEF (Network Exposure Function) exposes its OAM route group without an inbound OAuth2/bearer-token check, so a network attacker can reach the OAM route without authorization and perform unauthorized operations on it. The current handler does very little, but the defect is structural: every future operation added under this route group will also lack authentication, which creates significant security risk. The issue is resolved in version 4.2.2.

Affected Version(s)

free5gc < 4.2.2

CVSS V3.1

Score: 10
Severity: CRITICAL
Confidentiality: Low
Integrity: High
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved