Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

129 matches found

NVD
NVDadded 2026/05/27 5:16 p.m.7 views

CVE-2026-44327

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-oam route group without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can hit the OAM route with no Authorization header at all and the handl...

10CVSS0.00045EPSS
Exploits1References3
Cvelist
Cvelistadded 2026/05/27 3:40 p.m.34 views

CVE-2026-44327 free5GC: NEF nnef-oam route group is unauthenticated; no-token requests reach the OAM handler

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-oam route group without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can hit the OAM route with no Authorization header at all and the handl...

10CVSS0.00045EPSS
Exploits1References3
CNNVD
CNNVDadded 2026/05/27 12:0 a.m.6 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the lack of inbound OAuth2/bearer-token authorization when the NEF module mounted the nnef-oam routing group...

10CVSS5.8AI score0.00045EPSS
Exploits1References4
OSV
OSVadded 2026/05/08 10:59 p.m.1 views

GHSA-CMPJ-2X3G-M7G3 free5GC's NEF nnef-oam route group is unauthenticated; no-token requests reach the OAM handler

Summary free5GC's NEF mounts the nnef-oam route group without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can hit the OAM route with no Authorization header at all and the handler returns 200 OK. The current OAM handler is a stub that returns null, b...

10CVSS5.8AI score0.00045EPSS
Exploits1References4
Github Security Blog
Github Security Blogadded 2026/05/08 10:59 p.m.4 views

free5GC's NEF nnef-oam route group is unauthenticated; no-token requests reach the OAM handler

Summary free5GC's NEF mounts the nnef-oam route group without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can hit the OAM route with no Authorization header at all and the handler returns 200 OK. The current OAM handler is a stub that returns null, b...

10CVSS5.8AI score0.00045EPSS
Exploits1References4Affected Software1
Snyk
Snykadded 2026/05/08 10:59 p.m.3 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization in the nnef-oam route group due to missing inbound authentication and authorization checks. An attacker can gain unauthorized access to administrative operations by sending unauthenticated requests to the exposed...

10CVSS5.8AI score0.00045EPSS
Exploits1References3
Snyk
Snykadded 2026/05/08 10:59 p.m.2 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization in the nnef-oam route group due to missing inbound authentication and authorization checks. An attacker can gain unauthorized access to administrative operations by sending unauthenticated requests to the exposed...

10CVSS5.8AI score0.00045EPSS
Exploits1References3
Snyk
Snykadded 2026/05/08 10:59 p.m.3 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization in the nnef-oam route group due to missing inbound authentication and authorization checks. An attacker can gain unauthorized access to administrative operations by sending unauthenticated requests to the exposed...

10CVSS5.8AI score0.00045EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2026/05/08 12:0 a.m.6 views

PT-2026-39257

Name of the Vulnerable Software and Affected Versions free5GC versions prior to 4.2.2 Description The Network Exposure Function NEF mounts the 'nnef-oam' route group without requiring inbound OAuth2 or bearer-token authorization. A network attacker with access to the NEF on the Service Based...

10CVSS5.9AI score0.00045EPSS
Exploits1References6
EUVD
EUVDadded 2026/05/06 12:30 p.m.1 views

EUVD-2026-27747

In the Linux kernel, the following vulnerability has been resolved: ipv6: ioam: fix heap buffer overflow in ioam6filltracedata On the receive path, ioam6filltracedata uses trace-nodelen to decide how much data to write for each node. It trusts this field as-is from the incoming packet, with no...

5.9AI score0.00181EPSS
Exploits0References8
Debian CVE
Debian CVEadded 2026/05/06 7:40 a.m.2 views

CVE-2026-43101

In the Linux kernel, the following vulnerability has been resolved: ipv6: ioam: fix potential NULL dereferences in ioam6filltracedata We need to check in6devget for possible NULL value, as suggested by Yiming Qian. Also add skbdstdevrcu instead of skbdstdev, and two missing READONCE. Note that @d...

7.5CVSS5.7AI score0.00058EPSS
Exploits0
Positive Technologies
Positive Technologiesadded 2026/05/06 12:0 a.m.4 views

PT-2026-37411

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential NULL pointer dereference exists in the Linux kernel within the IPv6 IOAM In-situ Operations, Administration, and Maintenance component. The issue occurs in the ioam6 fill tra...

5.8AI score0.00058EPSS
Exploits0References5
NVD
NVDadded 2026/04/22 12:16 a.m.1 views

CVE-2026-41135

free5GC UDR is the Policy Control Function PCF for free5GC, an an open-source project for 5th generation 5G mobile core networks. A memory leak vulnerability in versions prior to 1.4.3 allows any unauthenticated attacker with network access to the PCF SBI interface to cause uncontrolled memory...

7.5CVSS0.00048EPSS
Exploits1References2
CVE
CVEadded 2026/04/21 11:49 p.m.7 views

CVE-2026-41135

CVE-2026-41135 affects free5GC UDR (PCF) prior to version 1.4.3. The root cause is a faulty router.Use() call inside an HTTP handler that registers a new CORS middleware on every incoming request, causing the Gin router to permanently grow its handler chain. This leads to progressive memory exhau...

7.5CVSS5.7AI score0.00048EPSS
Exploits1References2Affected Software2
Vulnrichment
Vulnrichmentadded 2026/04/21 11:49 p.m.1 views

CVE-2026-41135 free5GC PCF: Memory Leak via CORS Middleware Registration in HTTP Handler Leads to Denial of Service

free5GC UDR is the Policy Control Function PCF for free5GC, an an open-source project for 5th generation 5G mobile core networks. A memory leak vulnerability in versions prior to 1.4.3 allows any unauthenticated attacker with network access to the PCF SBI interface to cause uncontrolled memory...

7.5CVSS5.7AI score0.00048EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2012-5020

Malware in sbrugna...

4.3CVSS6.4AI score0.00287EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2020-12505

Malware in sbrugna...

7.5CVSS7.5AI score0.00536EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2015-4782

Malware in sbrugna...

3.5CVSS6.5AI score0.0015EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2025-19702

Malicious code in bioql PyPI...

6.4CVSS6.6AI score0.00062EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-19704

Malicious code in bioql PyPI...

6.4CVSS6.6AI score0.00069EPSS
Exploits0References1
Rows per page
Query Builder