Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: free5gc Clear
ID Title
CVE-2026-42459 Vulnerability in github.com/free5gc/udm (CVE-2026-42459)
vulnerability in github.com/free5gc/udm (CVE-2026-42459). Confidential information can be exposed externally. Exploitable via ``supi``.
CVE-2026-42083 Free5GC PCF: Missing authentication middleware in Npcf_SMPolicyControl allows access to SM policy handlers and disclosure of subscriber SUPI
Free5GC PCF: Missing authentication middleware in Npcf_SMPolicyControl allows access to SM policy handlers and disclosure of subscriber SUPI
CVE-2026-42082 Vulnerability in github.com/free5gc/amf (CVE-2026-42082)
vulnerability in github.com/free5gc/amf (CVE-2026-42082). Risk of unauthorized operations or information disclosure. Exploitable via ``OnGoing``.
CVE-2026-42081 Vulnerability in github.com/free5gc/amf (CVE-2026-42081)
vulnerability in github.com/free5gc/amf (CVE-2026-42081). Risk of unauthorized operations or information disclosure. Exploitable via ``handlePathSwitchRequestMain``.
CVE-2026-44330 Authorization Flaw in github.com/free5gc/nef (CVE-2026-44330)
vulnerability in github.com/free5gc/nef (CVE-2026-44330). Data can be tampered with by attackers. Exploitable via `GET /applications`.
CVE-2026-44329 Vulnerability in github.com/free5gc/smf (CVE-2026-44329)
vulnerability in github.com/free5gc/smf (CVE-2026-44329). Data can be tampered with by attackers. Exploitable via `GET /upi/v1/upNodesLinks`. Mitigation: upgrade to `1.4.3` or later.
CVE-2026-44328 Vulnerability in github.com/free5gc/smf (CVE-2026-44328)
vulnerability in github.com/free5gc/smf (CVE-2026-44328). Risk of unauthorized operations or information disclosure. Exploitable via `DELETE /upi/v1/upNodesLinks/{upNodeRef}`. Mitigation: upgrade to `1.4.3` or later.
CVE-2026-44327 Vulnerability in github.com/free5gc/nef (CVE-2026-44327)
vulnerability in github.com/free5gc/nef (CVE-2026-44327). Data can be tampered with by attackers. Exploitable via ``Authorization``.
CVE-2026-44326 Vulnerability in github.com/free5gc/nef (CVE-2026-44326)
vulnerability in github.com/free5gc/nef (CVE-2026-44326). Data can be tampered with by attackers. Exploitable via ``Authorization``.
CVE-2026-44325 Vulnerability in github.com/free5gc/nrf (CVE-2026-44325)
vulnerability in github.com/free5gc/nrf (CVE-2026-44325). Risk of unauthorized operations or information disclosure. Exploitable via `POST /oauth2/token`. Mitigation: upgrade to `1.4.3` or later.
CVE-2026-44324 Vulnerability in github.com/free5gc/udr (CVE-2026-44324)
vulnerability in github.com/free5gc/udr (CVE-2026-44324). Risk of unauthorized operations or information disclosure. Exploitable via `DELETE /subscription-data/{ueId}/{servingPlmnId}/ee-subscriptions/{subsId}/amf-subscript`. Mitigation: upgrade to `1.4.3` or later.
CVE-2026-44323 Vulnerability in github.com/free5gc/udr (CVE-2026-44323)
vulnerability in github.com/free5gc/udr (CVE-2026-44323). Risk of unauthorized operations or information disclosure. Exploitable via `DELETE /subscription-data/{ueId}/{servingPlmnId}/ee-subscriptions/{subsId}/amf-subscript`. Mitigation: upgrade to `1.4.3` or later.
CVE-2026-44322 Vulnerability in github.com/free5gc/nef (CVE-2026-44322)
vulnerability in github.com/free5gc/nef (CVE-2026-44322). Risk of unauthorized operations or information disclosure. Exploitable via `PATCH /3gpp-pfd-management/v1/{afId}/transactions/{transId}/applications/{appId}`. Mitigation: upgrade to `1.2.3` or later.
CVE-2026-44321 Vulnerability in github.com/free5gc/smf (CVE-2026-44321)
vulnerability in github.com/free5gc/smf (CVE-2026-44321). Risk of unauthorized operations or information disclosure. Exploitable via `POST /upi/v1/upNodesLinks`.
CVE-2026-44320 Vulnerability in github.com/free5gc/nef (CVE-2026-44320)
vulnerability in github.com/free5gc/nef (CVE-2026-44320). Risk of unauthorized operations or information disclosure. Exploitable via ``NotifId``.
CVE-2026-44319 Vulnerability in github.com/free5gc/nef (CVE-2026-44319)
vulnerability in github.com/free5gc/nef (CVE-2026-44319). Risk of unauthorized operations or information disclosure. Exploitable via `Authorization header`. Mitigation: upgrade to `1.2.3` or later.
CVE-2026-44318 Vulnerability in github.com/free5gc/bsf (CVE-2026-44318)
vulnerability in github.com/free5gc/bsf (CVE-2026-44318). Risk of unauthorized operations or information disclosure. Exploitable via `PUT /nbsf-management/v1/subscriptions/{subId}`. Mitigation: upgrade to `1.0.2` or later.
CVE-2026-44317 Vulnerability in github.com/free5gc/pcf (CVE-2026-44317)
vulnerability in github.com/free5gc/pcf (CVE-2026-44317). Risk of unauthorized operations or information disclosure. Exploitable via `POST /npcf-policyauthorization/v1/app-sessions`. Mitigation: upgrade to `1.4.3` or later.
CVE-2026-44316 Vulnerability in github.com/free5gc/pcf (CVE-2026-44316)
vulnerability in github.com/free5gc/pcf (CVE-2026-44316). Risk of unauthorized operations or information disclosure. Exploitable via `POST /npcf-smpolicycontrol/v1/sm-policies`. Mitigation: upgrade to `1.4.2` or later.
CVE-2026-44315 Vulnerability in github.com/free5gc/nef (CVE-2026-44315)
vulnerability in github.com/free5gc/nef (CVE-2026-44315). Data can be tampered with by attackers. Exploitable via ``ServiceList``.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →