CVE-2026-1739

Medium CVSS: 5.5

A vulnerability has been found in Free5GC pcf up to 1.4.1. This affects the function HandleCreateSmPolicyRequest of the file internal/sbi/processor/smpolicy.go. The manipulation leads to null pointer dereference. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is df535f5524314620715e842baf9723efbeb481a7. Applying a patch is the recommended action to fix this issue.

Vendor

Free5gc

Product

Pcf

CWE

CWE-404

Yayın Tarihi

2026-02-02 02:16:10

Güncelleme

2026-02-11 19:35:36

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-404 Pcf MEDIUM Free5gc 2026

Referanslar

https://github.com/free5gc/free5gc/issues/803 https://github.com/free5gc/free5gc/issues/803#issue-3815770007 https://github.com/free5gc/pcf/ https://github.com/free5gc/pcf/commit/df535f5524314620715e842baf9723efbeb481a7 https://github.com/free5gc/pcf/pull/62 https://vuldb.com/?ctiid.343638 https://vuldb.com/?id.343638 https://vuldb.com/?submit.741194

Benzer Kayıtlar

High

CVE-2026-30653

An issue in Free5GC v.4.2.0 and before allows a remote attacker to cause a denial of service via the function HandleAuth…

High

CVE-2026-33192

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. In versions prior to 1.…

High

CVE-2026-33064

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions prior to 1.4.2…

Medium

CVE-2026-33065

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. In versions prior to 1.…

High

CVE-2026-33191

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions prior to 1.4.2…

High

CVE-2026-33062

free5GC is an open source 5G core network. free5GC NRF prior to version 1.4.2 has an Improper Input Validation vulnerabi…