CVE-2026-1973

Medium CVSS: 5.5

A vulnerability was determined in Free5GC up to 4.1.0. The impacted element is the function establishPfcpSession of the component SMF. Executing a manipulation can lead to null pointer dereference. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. It is best practice to apply a patch to resolve this issue.

Vendor

Free5gc

Product

Free5gc

CWE

CWE-404

Yayın Tarihi

2026-02-06 02:16:05

Güncelleme

2026-02-09 15:48:21

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-404 Free5gc MEDIUM Free5gc 2026

Referanslar

https://github.com/free5gc/free5gc/ https://github.com/free5gc/free5gc/issues/815 https://github.com/free5gc/free5gc/issues/815#issue-3832032062 https://github.com/free5gc/smf/pull/189 https://vuldb.com/?ctiid.344495 https://vuldb.com/?id.344495 https://vuldb.com/?submit.743236

Benzer Kayıtlar

High

CVE-2026-30653

An issue in Free5GC v.4.2.0 and before allows a remote attacker to cause a denial of service via the function HandleAuth…

High

CVE-2026-33192

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. In versions prior to 1.…

High

CVE-2026-33064

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions prior to 1.4.2…

Medium

CVE-2026-33065

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. In versions prior to 1.…

High

CVE-2026-33191

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions prior to 1.4.2…

High

CVE-2026-33062

free5GC is an open source 5G core network. free5GC NRF prior to version 1.4.2 has an Improper Input Validation vulnerabi…