CVE-2026-33192

CVE-2026-33192 — Free5GC UDM PATCH handling issue : In Free5GC UDM (pre-1.4.2), PATCH requests with an empty supi path parameter can trigger internal misbehavior: a 400 from UDR is converted to 500, and PATCH is inappropriately translated to PUT when forwarded to UDR. This reveals internal error ...

CVE-2026-33065

CVE-2026-33065 affects Free5GC UDM (core network component) prior to version 1.4.2. When handling DELETE requests with an empty supi path (e.g., // in the URL), UDM forwards the malformed request to UDR (which returns 400) but UDM propagates it as 500 SYSTEM_FAILURE, leaking internal error handli...

UBUNTU-CVE-2026-33192

Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. In versions prior to 1.4.2, the UDM incorrectly converts a downstream 400 Bad Request from UDR into a 500 Internal Server Error when handling PATCH requests with an empty supi path parameter...

Vulnerabilities fixed in Oracle Communications

Vulnerabilities have been fixed in Oracle Communications products. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root rights Remote code executio...

Vulnerabilities fixed in Oracle Communications

Vulnerabilities have been fixed in Oracle Communications. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Bypassing authentication Remote code execution User rights Access to system data...

EulerOS 2.0 SP10 : gzip (EulerOS-SA-2022-2158)

According to the versions of the gzip package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the Oracle Communications Cloud Native Core Unified Data Repository product of Oracle Communications component: UDR GNU Gzip. The...