CVE-2026-44326

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the 3gpp-traffic-influence API without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can create, read, patch, and delete traffic-influence subscriptio...

CVE-2026-44326

CVE-2026-44326 affects free5gc NEF 3gpp-traffic-influence API. Prior to version 4.2.2, the NEF mounts the 3gpp-traffic-influence endpoint without inbound OAuth2/bearer-token authorization. An unauthenticated or forged-token request reachable on the SBI can create, read, patch, and delete traffic-...

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization in the 3gpp-traffic-influence API route group, which lacks inbound authorization checks. An attacker can create, read, modify, or delete traffic-influence subscriptions by sending unauthenticated or forged requests...

GHSA-3P28-73Q7-45XP free5GC's NEF 3gpp-traffic-influence API is unauthenticated; missing or forged bearer tokens can create, read, patch, and delete subscriptions

Summary free5GC's NEF mounts the 3gpp-traffic-influence API without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can create, read, patch, and delete traffic-influence subscriptions either with no Authorization header at all, or with a forged bearer...