CVE-2026-1682

Medium CVSS: 5.5

A flaw has been found in Free5GC SMF up to 4.1.0. Affected is the function HandlePfcpAssociationReleaseRequest of the file internal/pfcp/handler/handler.go of the component PFCP UDP Endpoint. Executing a manipulation can lead to null pointer dereference. The attack may be launched remotely. The exploit has been published and may be used. A patch should be applied to remediate this issue.

Vendor

Free5gc

Product

Free5gc

CWE

CWE-404

Yayın Tarihi

2026-01-30 14:16:07

Güncelleme

2026-02-23 10:16:18

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-404 Free5gc MEDIUM Free5gc 2026

Referanslar

https://github.com/free5gc/free5gc/issues/794 https://github.com/free5gc/free5gc/issues/794#issue-3811888505 https://github.com/free5gc/free5gc/issues/794#issuecomment-3761063382 https://github.com/free5gc/smf/ https://github.com/free5gc/smf/pull/188 https://vuldb.com/?ctiid.343475 https://vuldb.com/?id.343475 https://vuldb.com/?submit.739508

Benzer Kayıtlar

High

CVE-2026-30653

An issue in Free5GC v.4.2.0 and before allows a remote attacker to cause a denial of service via the function HandleAuth…

High

CVE-2026-33192

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. In versions prior to 1.…

High

CVE-2026-33064

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions prior to 1.4.2…

Medium

CVE-2026-33065

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. In versions prior to 1.…

High

CVE-2026-33191

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions prior to 1.4.2…

High

CVE-2026-33062

free5GC is an open source 5G core network. free5GC NRF prior to version 1.4.2 has an Improper Input Validation vulnerabi…