Is there a public PoC exploit available for CVE-2026-5661?

Yes, a public proof-of-concept exploit is available for CVE-2026-5661. Prioritise patching immediately. EPSS: 0.1%.

Is there a patch available for CVE-2026-5661?

Yes, a patch is available for CVE-2026-5661. Update the affected software to the latest version immediately.

Free5gc CVE-2026-5661

Q: What is the CVSS score of CVE-2026-5661?

CVE-2026-5661 has a CVSS 4.0 base score of 5.5 (Medium). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.1%.

EUVD-2026-19241 MEDIUM

Improper Resource Shutdown or Release (CWE-404)

2026-04-06 VulDB

Denial Of Service Free5gc

5.5

CVSS 4.0 · NVD

Severity by source

NVD PRIMARY

5.5 MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

PoC Detected

Apr 07, 2026 - 13:20 vuln.today

Public exploit code

EUVD ID Assigned

Apr 06, 2026 - 14:30 euvd

EUVD-2026-19241

Analysis Generated

Apr 06, 2026 - 14:30 vuln.today

Patch released

Apr 06, 2026 - 14:30 nvd

Patch available

CVE Published

Apr 06, 2026 - 14:08 nvd

MEDIUM 5.5

DescriptionCVE.org

A vulnerability was identified in Free5GC 4.2.0. This affects an unknown function of the component NGSetupRequest Handler. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit is publicly available and might be used.

AnalysisAI

Denial of service in Free5GC 4.2.0 NGSetupRequest Handler allows unauthenticated remote attackers to crash the AMF (Access and Mobility Management Function) component via malformed requests. The vulnerability has a publicly available exploit and a vendor-released patch, with EPSS score of 5.3 indicating moderate but real exploitation risk despite low CVSS scoring.

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Vulnerability AssessmentAI

Risk Assessment	Despite the moderate CVSS score of 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L), this vulnerability presents significant real-world risk in production 5G deployments. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An attacker with network access to the NG interface (either as a rogue base station or via man-in-the-middle positioning) sends a crafted NGSetupRequest message with malformed parameters to the AMF component. The handler fails to validate the request structure, triggering an unhandled exception or resource exhaustion condition that crashes the AMF process. …
Remediation	Vendor-released patch available via upstream PR https://github.com/free5gc/amf/pull/201. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-5661 vulnerability details – vuln.today

Back