CVE-2026-1975 is a vulnerability identified in Free5GC, an open-source 5G core network software, affecting versions 4.0 and 4.1.0. The flaw resides in the identityTriggerType function of the pfcp_reports.go file, where improper handling of input leads to a null pointer dereference. This results in a crash of the affected process, causing denial of service (DoS) conditions. The vulnerability can be triggered remotely without requiring authentication or user interaction, increasing its risk profile. The CVSS 4.0 base score is 6.9 (medium severity), reflecting the network attack vector, low complexity, and no privileges or user interaction needed. The impact is primarily on availability, as the null pointer dereference causes service interruption rather than data compromise. No known exploits have been observed in the wild yet, but a public exploit has been released, which could facilitate attacks. Free5GC is used by telecom operators, research labs, and enterprises experimenting with 5G core networks, making this vulnerability relevant to critical infrastructure. The lack of patch links in the provided data suggests that organizations should monitor official Free5GC channels for updates and apply patches as soon as they become available. Additionally, network segmentation and filtering can reduce exposure to malicious traffic targeting this flaw.

For European organizations, this vulnerability poses a risk primarily to the availability of 5G core network services implemented using Free5GC. Disruption of 5G core functions can impact mobile network operators, enterprises relying on private 5G networks, and research institutions. Service outages could affect critical communications, IoT deployments, and industrial automation relying on 5G connectivity. Given the increasing adoption of 5G across Europe, any downtime or instability in core network components can have cascading effects on business operations and public services. The medium severity rating indicates that while the vulnerability is not immediately catastrophic, it can be leveraged to cause significant denial of service. The public exploit availability increases the urgency for European operators to address this issue proactively. Organizations without timely patching or adequate network protections may face increased risk of targeted attacks or opportunistic scanning by threat actors.

1. Monitor official Free5GC repositories and security advisories for patches addressing CVE-2026-1975 and apply them promptly once available. 2. Implement network-level filtering to restrict access to Free5GC management and control interfaces, allowing only trusted sources to communicate with these components. 3. Employ intrusion detection and prevention systems (IDS/IPS) tuned to detect anomalous PFCP traffic patterns that may indicate exploitation attempts. 4. Use network segmentation to isolate 5G core network components from general enterprise and internet-facing networks, minimizing exposure. 5. Conduct regular security assessments and penetration testing focused on 5G core infrastructure to identify and remediate vulnerabilities proactively. 6. Maintain robust logging and monitoring of Free5GC components to detect crashes or unusual behavior indicative of exploitation attempts. 7. Engage with the Free5GC open-source community and vendors to stay informed about emerging threats and mitigation best practices.