What is the CVSS score of CVE-2025-66719?

CVE-2025-66719 has a CVSS 3.1 base score of 9.1 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N. EPSS exploitation probability: 0.1%.

Which versions of Golang are affected by CVE-2025-66719?

A critical vulnerability in Free5gc NRF 1.4.0 allows attackers to bypass authentication token scope validation, potentially granting unauthorized access to 5G network functions and sensitive…. A patch is available.

Is there a public PoC exploit available for CVE-2025-66719?

Yes, a public proof-of-concept exploit is available for CVE-2025-66719. Prioritise patching immediately. EPSS: 0.1%.

How to fix or mitigate CVE-2025-66719?

Within 24 hours: Identify all systems running Free5gc NRF 1.4.0 and assess their network exposure; implement network segmentation to restrict NRF access. Within 7 days: Apply the available vendor patch to all affected systems and validate successful deployment. Within 30 days: Conduct forensic logs review for indicators of exploitation and perform penetration testing to confirm remediation effectiveness.

Golang CVE-2025-66719

CRITICAL

Incorrect Authorization (CWE-863)

2026-01-23 cve@mitre.org

GHSA-q7c8-gfjh-8v4p

Golang Nrf

9.1

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

9.1 CRITICAL

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

PoC Detected

Feb 11, 2026 - 19:55 vuln.today

Public exploit code

Patch released

Feb 11, 2026 - 19:55 nvd

Patch available

CVE Published

Jan 23, 2026 - 16:15 nvd

CRITICAL 9.1

DescriptionCVE.org

An issue was discovered in Free5gc NRF 1.4.0. In the access-token generation logic of free5GC, the AccessTokenScopeCheck() function in file internal/sbi/processor/access_token.go bypasses all scope validation when the attacker uses a crafted targetNF value. This allows attackers to obtain an access token with any arbitrary scope.

AnalysisAI

Free5gc NRF 1.4.0 has an authorization bypass in access token generation that allows authenticated users to request tokens with broader scope than permitted.

Technical ContextAI

The AccessTokenScopeCheck function in Free5gc NRF (Network Repository Function) 1.4.0 has a CWE-863 incorrect authorization vulnerability that fails to properly validate token scope, allowing users to request overly permissive access tokens.

RemediationAI

Update Free5gc. Review issued access tokens for overly permissive scopes.

CVE-2025-66719 vulnerability details – vuln.today

Back

Golang CVE-2025-66719

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code