CVE-2026-41136
Received - Intake
Deserialization Bypass in free5GC AMF Causes Uninitialized Requests

Publication date: 2026-04-22

Last updated on: 2026-04-23

Assigner: GitHub, Inc.

Description
free5GC AMF provides Access & Mobility Management Function (AMF) for free5GC, an open-source project for 5th generation (5G) mobile core networks. Prior to version 1.4.3, the `HTTPUEContextTransfer` handler in `internal/sbi/api_communication.go` does not include a `default` case in the `Content-Type` switch statement. When a request arrives with an unsupported `Content-Type`, the deserialization step is silently skipped, `err` remains `nil`, and the processor is invoked with a completely uninitialized `UeContextTransferRequest` object. Version 1.4.3 contains a fix.

Meta Information

Published: 2026-04-22
Last Modified: 2026-04-23
Generated: 2026-06-16
AI Q&A: 2026-04-22
EPSS Evaluated: 2026-06-14

Affected Vendors & Products

Showing 2 associated CPEs

| Vendor | Product | Version / Range |
|---|---|---|
| free5gc | free5gc | to 4.2.1 (inc) |
| free5gc | amf | to 1.4.3 (exc) |

CWE

| CWE ID | Description |
|---|---|
| CWE-440 | A feature, API, or function does not perform according to its specification. |

Executive Summary

The vulnerability exists in free5GC AMF, specifically in the HTTPUEContextTransfer handler before version 1.4.3. The handler's code does not include a default case in the Content-Type switch statement. As a result, when a request with an unsupported Content-Type is received, the deserialization step is skipped silently without error, causing the processor to operate on an uninitialized UeContextTransferRequest object.

Impact Analysis

This vulnerability can lead to the processing of uninitialized data within the AMF component of free5GC. This may cause unexpected behavior or errors in the 5G core network functions that rely on properly deserialized user context data, potentially impacting network reliability or security.

Mitigation Strategies

To mitigate this vulnerability, upgrade free5GC AMF to version 1.4.3 or later, which contains the fix for the issue in the HTTPUEContextTransfer handler.
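
The switch-without-default pattern described above, next to a hardened form, as an added Go example; it is not free5GC's code or the 1.4.3 patch. The `transferRequest` type, both decode functions and the JSON body are hypothetical stand-ins constructed for illustration.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"mime"
	"strings"
)

// transferRequest is a hypothetical request model, not the free5GC type.
type transferRequest struct {
	Reason string `json:"reason"`
}

var errUnsupportedMediaType = errors.New("unsupported Content-Type")

// decodeNoDefault shows the flawed shape: an unmatched Content-Type falls
// through the switch, err stays nil and req is returned zero-valued.
func decodeNoDefault(contentType string, body []byte) (req transferRequest, err error) {
	switch strings.TrimSpace(strings.Split(contentType, ";")[0]) {
	case "application/json":
		err = json.Unmarshal(body, &req)
	}
	return req, err
}

// decodeWithDefault fails closed: anything it cannot deserialize is an error.
func decodeWithDefault(contentType string, body []byte) (req transferRequest, err error) {
	mediaType, _, perr := mime.ParseMediaType(contentType)
	switch {
	case perr != nil: // missing or malformed header
		err = fmt.Errorf("%w: %q", errUnsupportedMediaType, contentType)
	case mediaType == "application/json":
		err = json.Unmarshal(body, &req)
	default:
		err = fmt.Errorf("%w: %q", errUnsupportedMediaType, mediaType)
	}
	return req, err
}

func main() {
	body := []byte(`{"reason":"constructed"}`) // constructed sample body
	for _, ct := range []string{"application/json", "text/plain", ""} {
		req, e1 := decodeNoDefault(ct, body)
		_, e2 := decodeWithDefault(ct, body)
		fmt.Printf("%q: flawed=(%+v, %v) fixed err=%v\n", ct, req, e1, e2)
	}
}
```

In an HTTP handler, `errUnsupportedMediaType` would map to a 415 response returned before any processor is called.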
