Lucene search
+L

135 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:1 p.m.14 views

CVE-2026-33191

Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. Versions prior to 1.4.2 are vulnerable to null byte injection in URL path parameters. A remote attacker can inject null bytes URL-encoded as %00 into the supi path parameter of the UDM's...

8.7CVSS5.8AI score0.00354EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/03/24 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-33191

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. Versions prior to 1.4.2 are vulnerable to null byte injection in...

8.7CVSS5.8AI score0.00354EPSS
Exploits0References2
OSV
OSV
added 2026/03/23 6:14 p.m.10 views

GO-2026-4763 free5GC UDM vulnerable to null byte injection in URL path parameters causing 500 Internal Server Error in github.com/free5gc/udm

free5GC UDM vulnerable to null byte injection in URL path parameters causing 500 Internal Server Error in github.com/free5gc/udm...

8.7CVSS5.8AI score0.00354EPSS
Exploits0References4
NVD
NVD
added 2026/03/20 8:16 a.m.5 views

CVE-2026-33191

Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. Versions prior to 1.4.2 are vulnerable to null byte injection in URL path parameters. A remote attacker can inject null bytes URL-encoded as %00 into the supi path parameter of the UDM's...

8.7CVSS0.00354EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/20 7:54 a.m.22 views

CVE-2026-33191 free5GC UDM vulnerable to null byte injection in URL path parameters causing 500 Internal Server Error

Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. Versions prior to 1.4.2 are vulnerable to null byte injection in URL path parameters. A remote attacker can inject null bytes URL-encoded as %00 into the supi path parameter of the UDM's...

8.7CVSS0.00354EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/20 7:54 a.m.2 views

CVE-2026-33191

Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. Versions prior to 1.4.2 are vulnerable to null byte injection in URL path parameters. A remote attacker can inject null bytes URL-encoded as %00 into the supi path parameter of the UDM's...

8.7CVSS5.8AI score0.00354EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/20 7:54 a.m.3 views

CVE-2026-33191 free5GC UDM vulnerable to null byte injection in URL path parameters causing 500 Internal Server Error

Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. Versions prior to 1.4.2 are vulnerable to null byte injection in URL path parameters. A remote attacker can inject null bytes URL-encoded as %00 into the supi path parameter of the UDM's...

8.7CVSS5.8AI score0.00354EPSS
Exploits0References2
CVE
CVE
added 2026/03/20 7:54 a.m.14 views

CVE-2026-33191

CVE-2026-33191 affects Free5GC UDM (Nudm_SubscriberDataManagement API) where null byte injections in the supi URL path parameter (URL-encoded %00) trigger Go’s net/url parsing error, leading to a 500 Internal Server Error and enabling denial-of-service conditions. Multiple sources confirm the iss...

8.7CVSS5.8AI score0.00354EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/03/20 7:54 a.m.5 views

CVE-2026-33191 free5GC UDM vulnerable to null byte injection in URL path parameters causing 500 Internal Server Error

Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. Versions prior to 1.4.2 are vulnerable to null byte injection in URL path parameters. A remote attacker can inject null bytes URL-encoded as %00 into the supi path parameter of the UDM's...

8.7CVSS6.3AI score0.00354EPSS
Exploits0References4
OSV
OSV
added 2026/03/20 12:0 a.m.6 views

UBUNTU-CVE-2026-33191

Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. Versions prior to 1.4.2 are vulnerable to null byte injection in URL path parameters. A remote attacker can inject null bytes URL-encoded as %00 into the supi path parameter of the UDM's...

8.7CVSS5.8AI score0.00354EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/03/18 8:11 p.m.7 views

free5GC UDM vulnerable to null byte injection in URL path parameters causing 500 Internal Server Error

Impact This is an Improper Input Validation vulnerability with Denial of Service and Injection implications. - Security Impact: A remote attacker can inject null bytes URL-encoded as %00 into the supi path parameter of the UDM's NudmSubscriberDataManagement API. This causes URL parsing failure in...

8.7CVSS5.8AI score0.00354EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/03/18 8:11 p.m.5 views

GHSA-P9HG-PQ3Q-V9GV free5GC UDM vulnerable to null byte injection in URL path parameters causing 500 Internal Server Error

Impact This is an Improper Input Validation vulnerability with Denial of Service and Injection implications. - Security Impact: A remote attacker can inject null bytes URL-encoded as %00 into the supi path parameter of the UDM's NudmSubscriberDataManagement API. This causes URL parsing failure in...

8.7CVSS5.8AI score0.00354EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/18 12:0 a.m.10 views

PT-2026-26208

Impact This is an Improper Input Validation vulnerability with Denial of Service and Injection implications. - Security Impact: A remote attacker can inject null bytes URL-encoded as %00 into the supi path parameter of the UDM's Nudm SubscriberDataManagement API. This causes URL parsing failure i...

8.7CVSS5.8AI score0.00354EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/01/09 12:39 p.m.5 views

CVE-2023-29246

An attacker who has gained access to an admin account can perform RCE via null-byte injection Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0...

7.2CVSS7.3AI score0.0147EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/01 7:32 a.m.12 views

CVE-2025-2026

The NPort 6100-G2/6200-G2 Series is affected by a high-severity vulnerability CVE-2025-2026 that allows remote attackers to execute a null byte injection through the device’s web API. This may lead to an unexpected device reboot and result in a denial-of-service DoS condition. An authenticated...

7.1CVSS7.3AI score0.00378EPSS
Exploits0References1
NVD
NVD
added 2025/12/31 8:15 a.m.7 views

CVE-2025-2026

The NPort 6100-G2/6200-G2 Series is affected by a high-severity vulnerability CVE-2025-2026 that allows remote attackers to execute a null byte injection through the device’s web API. This may lead to an unexpected device reboot and result in a denial-of-service DoS condition. An authenticated...

7.1CVSS0.00378EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/31 7:32 a.m.6 views

EUVD-2025-205901

The NPort 6100-G2/6200-G2 Series is affected by a high-severity vulnerability CVE-2025-2026 that allows remote attackers to execute a null byte injection through the device’s web API. This may lead to an unexpected device reboot and result in a denial-of-service DoS condition. An authenticated...

7.7CVSS6.8AI score0.00378EPSS
Exploits0References2
CVE
CVE
added 2025/12/31 7:32 a.m.21 views

CVE-2025-2026

The CVE-2025-2026 entry affects the NPort 6100-G2/6200-G2 Series and is described in multiple sources (NVD, Red Hat advisories, others) as a high-severity issue where an authenticated remote attacker with web read-only privileges can perform a null byte injection via the device’s web API. Success...

7.1CVSS6.9AI score0.00378EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/31 7:32 a.m.5 views

CVE-2025-2026

The NPort 6100-G2/6200-G2 Series is affected by a high-severity vulnerability CVE-2025-2026 that allows remote attackers to execute a null byte injection through the device’s web API. This may lead to an unexpected device reboot and result in a denial-of-service DoS condition. An authenticated...

7.1CVSS6.6AI score0.00378EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/31 7:32 a.m.32 views

CVE-2025-2026

The NPort 6100-G2/6200-G2 Series is affected by a high-severity vulnerability CVE-2025-2026 that allows remote attackers to execute a null byte injection through the device’s web API. This may lead to an unexpected device reboot and result in a denial-of-service DoS condition. An authenticated...

7.1CVSS0.00378EPSS
Exploits0References1
Rows per page
Query Builder