Vulnerabilidades en free5gc
53 resultadosCVE-2026-40343MEDIUMfree5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creationEPSS 10.0%CVE-2026-1739MEDIUMFree5GC pcf smpolicy.go HandleCreateSmPolicyRequest null pointer dereferenceEPSS 0.7%CVE-2026-33062HIGHfree5GC NRF Discovery EncodeGroupId Function Panics on Malformed group-id-list ParameterEPSS 0.7%CVE-2026-1682MEDIUMFree5GC SMF PFCP UDP Endpoint handler.go HandlePfcpAssociationReleaseRequest null pointer dereferenceEPSS 0.7%CVE-2026-33063HIGHfree5GC AUSF UE Authentication Panic on Nil SuciSupiMap Interface ConversionEPSS 0.7%CVE-2026-1683MEDIUMFree5GC SMF PFCP handler.go HandlePfcpSessionReportRequest denial of serviceEPSS 0.6%CVE-2025-69248MEDIUMfree5GC has Array Index Out of Bounds in AMF Leading to Denial of ServiceEPSS 0.6%CVE-2025-69247LOWfree5GC has Heap Buffer Overflow in UPF Leading to Denial of ServiceEPSS 0.5%CVE-2026-41135HIGHfree5GC PCF: Memory Leak via CORS Middleware Registration in HTTP Handler Leads to Denial of ServiceEPSS 0.5%CVE-2025-69252MEDIUMfree5GC has Null Pointer Dereference in UDM, Leading to Service PanicEPSS 0.5%CVE-2026-40245HIGHFree5GC: UDR nudr-dr influenceData/subs-to-notify leaks SUPI in error response body without authenticationEPSS 0.5%CVE-2026-27642MEDIUMfree5GC has Improper Input Validation in UDM UEAU ServiceEPSS 0.5%CVE-2026-1684MEDIUMFree5GC SMF PFCP UDP Endpoint pfcp_reports.go HandleReports denial of serviceEPSS 0.5%CVE-2026-40247HIGHfree5gc UDR improper path validation allows unauthenticated access to Traffic Influence SubscriptionsEPSS 0.5%CVE-2026-33064HIGHfree5GC UDM DataChangeNotification Procedure Panic Due to Nil Pointer DereferenceEPSS 0.5%CVE-2025-69251MEDIUMfree5GC has Improper Input Validation in UDM, Leading to Information ExposureEPSS 0.5%CVE-2026-40248HIGHfree5gc UDR improper path validation allows unauthenticated creation and modification of Traffic Influence SubscriptionsEPSS 0.4%CVE-2026-44324MEDIUMfree5GC: UDR nudr-dr DELETE amf-subscriptions panics on missing UE state via nil interface type assertion (single authenticated request)EPSS 0.4%CVE-2026-32937HIGHfree5GC CHF has Out-of-Bounds Slice Access that Leads to DoSEPSS 0.4%CVE-2026-44316HIGHfree5GC: PCF npcf-smpolicycontrol POST /sm-policies panics on downstream UDR/OpenAPI 404 via nil pointer dereferenceEPSS 0.4%