CVE-2026-1973

A vulnerability was determined in Free5GC up to 4.1.0. The impacted element is the function establishPfcpSession of the component SMF. Executing a manipulation can lead to null pointer dereference. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. I...

EUVD-2026-5604

A vulnerability was identified in Free5GC up to 4.1.0. This affects the function ResolveNodeIdToIp of the file internal/sbi/processor/datapath.go of the component SMF. The manipulation leads to denial of service. Remote exploitation of the attack is possible. The exploit is publicly available and...

CVE-2026-1973

A vulnerability was determined in Free5GC up to 4.1.0. The impacted element is the function establishPfcpSession of the component SMF. Executing a manipulation can lead to null pointer dereference. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. I...

EUVD-2026-5605

A vulnerability was determined in Free5GC up to 4.1.0. The impacted element is the function establishPfcpSession of the component SMF. Executing a manipulation can lead to null pointer dereference. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. I...

free5GC 代码问题漏洞

Free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of Free5GC prior to 4.1.0 contain code vulnerabilities. These vulnerabilities stem from a flaw in the establishPfcpSession function within the SMF component, which may lead to null pointer dereferencing...

CVE-2026-1684

A vulnerability was found in Free5GC SMF up to 4.1.0. Affected by this issue is the function HandleReports of the file /internal/context/pfcpreports.go of the component PFCP UDP Endpoint. The manipulation results in denial of service. The attack can be executed remotely. It is advisable to...

EUVD-2026-5030

A flaw has been found in Free5GC SMF up to 4.1.0. Affected is the function HandlePfcpAssociationReleaseRequest of the file internal/pfcp/handler/handler.go of the component PFCP UDP Endpoint. Executing a manipulation can lead to null pointer dereference. The attack may be launched remotely. The...

EUVD-2025-24087

Malicious code in bioql PyPI...

CVE-2025-52322

An issue in Open5GS v2.7.2 and before allows a remote attacker to cause a denial of service via a crafted Create Session Request message to the SMF PGW-C, using the IP address of a legitimate UE in the PDN Address Allocation PAA field...

PT-2025-36741

Name of the Vulnerable Software and Affected Versions: Open5GS versions prior to 2.7.3 Description: An issue in Open5GS allows a remote attacker to cause a denial of service by sending a crafted Create Session Request message to the SMF PGW-C, utilizing the IP address of a legitimate UE in the PD...

CVE-2025-8802

A vulnerability was determined in Open5GS up to 2.7.5. This vulnerability affects the function smfstateoperational of the file src/smf/smf-sm.c of the component SMF. The manipulation of the argument stream leads to denial of service. The attack can be initiated remotely. The exploit has been...

CVE-2025-8805 Open5GS SMF gsm-sm.c smf_gsm_state_wait_pfcp_deletion denial of service

A vulnerability was determined in Open5GS up to 2.7.5. Affected by this issue is the function smfgsmstatewaitpfcpdeletion of the file src/smf/gsm-sm.c of the component SMF. The manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the publ...

CVE-2025-8802

A vulnerability was determined in Open5GS up to 2.7.5. This vulnerability affects the function smfstateoperational of the file src/smf/smf-sm.c of the component SMF. The manipulation of the argument stream leads to denial of service. The attack can be initiated remotely. The exploit has been...

CVE-2025-8802 Open5GS SMF smf-sm.c smf_state_operational denial of service

A vulnerability was determined in Open5GS up to 2.7.5. This vulnerability affects the function smfstateoperational of the file src/smf/smf-sm.c of the component SMF. The manipulation of the argument stream leads to denial of service. The attack can be initiated remotely. The exploit has been...

CVE-2025-8802 Open5GS SMF smf-sm.c smf_state_operational denial of service

A vulnerability was determined in Open5GS up to 2.7.5. This vulnerability affects the function smfstateoperational of the file src/smf/smf-sm.c of the component SMF. The manipulation of the argument stream leads to denial of service. The attack can be initiated remotely. The exploit has been...

PT-2025-32476 · Open5Gs · Open5Gs

Name of the Vulnerable Software and Affected Versions: Open5GS versions prior to 2.7.6 Description: A problematic issue was identified in Open5GS. The vulnerability affects the smf state operational function within the src/smf/smf-sm.c file of the SMF component. Manipulation of the argument strea...

CVE-2024-51179

An issue in Open 5GS v.2.7.1 allows a remote attacker to cause a denial of service via the Network Function Virtualizations NFVs such as the User Plane Function UPF and the Session Management Function SMF, The Packet Data Unit PDU session establishment process...

PT-2024-34550 · Open5Gs · Open5Gs

Name of the Vulnerable Software and Affected Versions: Open 5GS version 2.7.1 Description: The issue allows a remote attacker to cause a denial of service via the Network Function Virtualizations NFVs such as the User Plane Function UPF and the Session Management Function SMF, during the Packet...

CVE-2023-47346

Buffer Overflow vulnerability in free5gc 3.3.0, UPF 1.2.0, and SMF 1.2.0 allows attackers to cause a denial of service via crafted PFCP messages...

free5GC Security Vulnerabilities

free5GC is an open source project for 5th Generation 5G mobile core networks open sourced by free5GC. free5GC suffers from a security vulnerability that stems from the presence of a buffer overflow vulnerability. An attacker could exploit this vulnerability to cause a denial of service DOS via a...