CVE-2026-27642

In free5GC UDM (Nudm_UEAU), versions up to 1.4.1 are affected. Remote attackers can inject control characters (for example, %00) into the supi parameter, triggering net/url parsing errors and exposing system‑level error details, enabling service fingerprinting. A fix is available via free5gc/udm ...

CVE-2025-69251

free5gc UDM provides Unified Data Management UDM for free5GC, an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, remote attackers can inject control characters e.g., %00 into the ueId parameter, triggering internal URL parsing errors net/url:...

follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse()

An Improper Input Validation flaw was found in follow-redirects due to the improper handling of URLs by the url.parse function. When a new URL throws an error, it can be manipulated to misinterpret the hostname. This issue could allow an attacker to redirect traffic to a malicious site, potential...

Mozilla Thunderbird < 2.0.0.19 Multiple Vulnerabilities

The installed version of Thunderbird is earlier than 2.0.0.19. Such versions are potentially affected by the following security issues : - There are several stability bugs in the browser engine that could lead to crashes with evidence of memory corruption. MFSA 2008-60 - XBL bindings can be used ...