VYPR

Nrf

by Free5gc

Source repositories

CVEs (2)

  • CVE-2026-33062Mar 20, 2026
    risk 0.00cvss epss 0.01

    free5GC is an open source 5G core network. free5GC NRF prior to version 1.4.2 has an Improper Input Validation vulnerability leading to Denial of Service. All deployments of free5GC using the NRF discovery service are affected. The `EncodeGroupId` function attempts to access…

  • CVE-2025-66719Jan 23, 2026
    risk 0.00cvss epss 0.00

    An issue was discovered in Free5gc NRF 1.4.0. In the access-token generation logic of free5GC, the AccessTokenScopeCheck() function in file internal/sbi/processor/access_token.go bypasses all scope validation when the attacker uses a crafted targetNF value. This allows attackers…