CVE-2026-40247
The CVE-2026-40247 entry describes an improper path validation in free5GC UDR (versions 4.2.1 and earlier). The handler for GET /nudr-dr/v2/application-data/influenceData/{influenceId}/{subscriptionId} does not stop after sending a 404 when influenceId != subs-to-notify, allowing an unauthenticat...