CVE-2026-1975

Medium CVSS: 5.5

A security flaw has been discovered in Free5GC up to 4.1.0. This impacts the function identityTriggerType of the file pfcp_reports.go. The manipulation results in null pointer dereference. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. Applying a patch is advised to resolve this issue.

Vendor

Free5gc

Product

Free5gc

CWE

CWE-404

Yayın Tarihi

2026-02-06 03:15:49

Güncelleme

2026-02-09 15:15:28

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-404 Free5gc MEDIUM Free5gc 2026

Referanslar

https://github.com/free5gc/free5gc/ https://github.com/free5gc/free5gc/issues/814 https://github.com/free5gc/free5gc/issues/814#issue-3831993593 https://github.com/free5gc/smf/pull/189 https://vuldb.com/?ctiid.344497 https://vuldb.com/?id.344497 https://vuldb.com/?submit.743238

Benzer Kayıtlar

High

CVE-2026-30653

An issue in Free5GC v.4.2.0 and before allows a remote attacker to cause a denial of service via the function HandleAuth…

High

CVE-2026-33192

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. In versions prior to 1.…

High

CVE-2026-33064

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions prior to 1.4.2…

Medium

CVE-2026-33065

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. In versions prior to 1.…

High

CVE-2026-33191

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions prior to 1.4.2…

High

CVE-2026-33062

free5GC is an open source 5G core network. free5GC NRF prior to version 1.4.2 has an Improper Input Validation vulnerabi…