CVE-2026-1974

Medium CVSS: 5.5

A vulnerability was identified in Free5GC up to 4.1.0. This affects the function ResolveNodeIdToIp of the file internal/sbi/processor/datapath.go of the component SMF. The manipulation leads to denial of service. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. It is recommended to apply a patch to fix this issue.

Vendor

Free5gc

Product

Free5gc

CWE

CWE-404

Yayın Tarihi

2026-02-06 02:16:05

Güncelleme

2026-02-09 15:47:30

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-404 Free5gc MEDIUM Free5gc 2026

Referanslar

https://github.com/free5gc/free5gc/ https://github.com/free5gc/free5gc/issues/816 https://github.com/free5gc/free5gc/issues/816#issue-3832055233 https://github.com/free5gc/smf/pull/189 https://vuldb.com/?ctiid.344496 https://vuldb.com/?id.344496 https://vuldb.com/?submit.743237

Benzer Kayıtlar

High

CVE-2026-30653

An issue in Free5GC v.4.2.0 and before allows a remote attacker to cause a denial of service via the function HandleAuth…

High

CVE-2026-33192

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. In versions prior to 1.…

High

CVE-2026-33064

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions prior to 1.4.2…

Medium

CVE-2026-33065

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. In versions prior to 1.…

High

CVE-2026-33191

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions prior to 1.4.2…

High

CVE-2026-33062

free5GC is an open source 5G core network. free5GC NRF prior to version 1.4.2 has an Improper Input Validation vulnerabi…