PT-2026-39246

Name of the Vulnerable Software and Affected Versions free5GC versions 4.1.0 through 4.2.1 Description A nil-pointer dereference occurs in the PCF HandleCreateSmPolicyRequest function when a downstream OpenAPI consumer call to the UDR lookup returns a 404 Not Found error. The handler logs the err...

CVE-2026-26025 free5GC SMF crash (nil pointer dereference) on PFCP SessionReportRequest when ReportType.USAR=1 and UsageReport omits mandatory URRID sub-IE 

free5GC SMF provides Session Management Function for free5GC, an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, SMF panics and terminates when processing a malformed PFCP SessionReportRequest on the PFCP UDP/8805 interface. No known upstrea...

CVE-2026-26024 free5GC SMF crash (nil pointer dereference) on PFCP SessionReportRequest when ReportType.USAR=1 and UsageReport omits mandatory URRID sub-IE 

free5GC SMF provides Session Management Function for free5GC, an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, SMF panics and terminates when processing a malformed PFCP SessionReportRequest on the PFCP UDP/8805 interface. No known upstrea...

CVE-2026-26024

CVE-2026-26024 affects the free5GC SMF (Session Management Function) in versions up to 1.4.1. A malformed PFCP SessionReportRequest on the PFCP (UDP/8805) interface can cause the SMF to panic and terminate. Some sources describe a nil pointer dereference in related CVE records. There is no known ...

PT-2025-52287

Name of the Vulnerable Software and Affected Versions omec-project UPF versions up to 2.1.3-dev Description A denial-of-service issue exists in the UPF component upf-epc/pfcpiface. When the UPF receives a PFCP Association Setup Request lacking the mandatory NodeID Information Element, the...

EUVD-2022-7133

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2020-7711

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This affects all versions of package github.com/russellhaering/goxmldsig. There is a crash on nil-pointer dereference caused by sending malformed XML signatures...

PT-2021-12657 · Goxmldsig +1 · Goxmldsig +1

Name of the Vulnerable Software and Affected Versions: gosaml2 versions prior to 0.7.0 goxmldsig versions prior to 1.1.1 Description: The issue is caused by a nil-pointer dereference when validating malformed XML Digital Signatures, leading to a crash or panic. This can be used as a denial of...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS. There is a crash on nil-pointer dereference caused by sending malformed XML signatures. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and...

UBUNTU-CVE-2020-7711

This affects all versions of package github.com/russellhaering/goxmldsig. There is a crash on nil-pointer dereference caused by sending malformed XML signatures...

Denial of Service (DoS)

Overview github.com/russellhaering/goxmldsig is a XML Digital Signatures implemented in pure Go. Affected versions of this package are vulnerable to Denial of Service DoS. There is a crash on nil-pointer dereference caused by sending malformed XML signatures. Details Denial of Service DoS describ...

PT-2020-19733 · Russell Haering · Gosaml2 +1

Name of the Vulnerable Software and Affected Versions: github.com/russellhaering/goxmldsig versions prior to 1.1.1 github.com/russellhaering/gosaml2 versions prior to 0.7.0 Description: The issue is caused by a nil-pointer dereference when sending malformed XML signatures, leading to a crash. Thi...