CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

Cvelist•added 2026/05/27 3:49 p.m.•32 views

CVE-2026-44319 free5GC: NEF crashes via logger.Fatal on PFD notification delivery failure (attacker-controlled notifyUri)

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF terminates the entire process when a stored PFD-subscription notifyUri cannot be reached. In PfdChangeNotifier.FlushNotifications, the notifier calls NnefPFDmanagementNotify... and on any delivery error...

7.5CVSS0.00124EPSS

Exploits1References4

NVD•added 2026/02/24 1:16 a.m.•4 views

CVE-2026-27643

free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, the NEF component reliably leaks internal parsing error details e.g., invalid character 'n' after top-level value to remote clients...

8.7CVSS0.00049EPSS

Exploits1References4

CVE•added 2026/02/24 12:1 a.m.•4 views

CVE-2025-69253

Summary: CVE-2025-69253 affects free5GC UDR (versions up to 1.4.1) with improper error handling in NEF that exposes internal parsing error details to remote clients, enabling service fingerprinting. The vulnerability specifically impacts deployments using the Nnef_PfdManagement service. The root ...

8.7CVSS5.5AI score0.00055EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2026/02/24 12:1 a.m.•3 views

CVE-2025-69253 free5GC vulnerable to improper error handling in NEF with information exposure

free5GC is an open-source project for 5th generation 5G mobile core networks. Versions up to and including 1.4.1 of the User Data Repository are affected by Improper Error Handling with Information Exposure. The NEF component reliably leaks internal parsing error details e.g., invalid character '...

8.7CVSS5.4AI score0.00055EPSS

Exploits1References4