Lucene search
K

21 matches found

CVE
CVE
added 2026/05/27 3:56 p.m.17 views

CVE-2026-42083

CVE-2026-42083 affects free5GC PCF Npcf_SMPolicyControl where missing router authorization middleware in the smPolicyGroup allowed unauthenticated access to SM policy endpoints (e.g., POST /npcf-smpolicycontrol/v1/sm-policies, GET /sm-policies/{id}, POST /sm-policies/{id}/update, POST /sm-policie...

8.2CVSS5.8AI score0.00323EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/05/27 3:52 p.m.45 views

CVE-2026-44316 free5GC: PCF npcf-smpolicycontrol POST /sm-policies panics on downstream UDR/OpenAPI 404 via nil pointer dereference

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's PCF POST /npcf-smpolicycontrol/v1/sm-policies handler HandleCreateSmPolicyRequest panics with a nil-pointer dereference when a downstream OpenAPI consumer call UDR lookup returns 404 Not Found and the...

7.5CVSS0.00404EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/05/27 3:52 p.m.13 views

CVE-2026-44316 free5GC: PCF npcf-smpolicycontrol POST /sm-policies panics on downstream UDR/OpenAPI 404 via nil pointer dereference

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's PCF POST /npcf-smpolicycontrol/v1/sm-policies handler HandleCreateSmPolicyRequest panics with a nil-pointer dereference when a downstream OpenAPI consumer call UDR lookup returns 404 Not Found and the...

7.5CVSS5.8AI score0.00404EPSS
Exploits1References4
CVE
CVE
added 2026/05/27 3:52 p.m.24 views

CVE-2026-44316

The CVE describes a nil-pointer dereference in free5GC PCF (POST /npcf-smpolicycontrol/v1/sm-policies) HandleCreateSmPolicyRequest. When a downstream OpenAPI (UDR) lookup returns 404 and the wrapper returns err != nil with a nil response, the code logs the error but does not return, then derefere...

7.5CVSS5.8AI score0.00404EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/27 3:52 p.m.13 views

CVE-2026-44316

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's PCF POST /npcf-smpolicycontrol/v1/sm-policies handler HandleCreateSmPolicyRequest panics with a nil-pointer dereference when a downstream OpenAPI consumer call UDR lookup returns 404 Not Found and the...

7.5CVSS5.8AI score0.00404EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/12 8:20 a.m.9 views

CVE-2026-8222

A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function pcfnbsfmanagementhandleregister of the file src/pcf/nbsf-handler.c of the component sm-policies Endpoint. Such manipulation leads to denial of service. The attack may be performed from remote. The exploit has been...

7.5CVSS5.5AI score0.00477EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/05/11 8:26 p.m.11 views

CVE-2026-8223

A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is the function pcfsesssbidiscoverandsend of the component sm-policies Endpoint. Performing a manipulation results in denial of service. It is possible to initiate the attack remotely. The exploit has been made publi...

7.5CVSS5.6AI score0.00477EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/10 3:33 a.m.13 views

EUVD-2026-28958

A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is the function pcfsesssbidiscoverandsend of the component sm-policies Endpoint. Performing a manipulation results in denial of service. It is possible to initiate the attack remotely. The exploit has been made publi...

6.9CVSS5.4AI score0.00477EPSS
Exploits1References6
EUVD
EUVD
added 2026/05/10 3:33 a.m.12 views

EUVD-2026-28959

A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function pcfnbsfmanagementhandleregister of the file src/pcf/nbsf-handler.c of the component sm-policies Endpoint. Such manipulation leads to denial of service. The attack may be performed from remote. The exploit has been...

6.9CVSS5.3AI score0.00477EPSS
Exploits1References6
NVD
NVD
added 2026/05/10 3:16 a.m.26 views

CVE-2026-8222

A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function pcfnbsfmanagementhandleregister of the file src/pcf/nbsf-handler.c of the component sm-policies Endpoint. Such manipulation leads to denial of service. The attack may be performed from remote. The exploit has been...

7.5CVSS0.00477EPSS
Exploits1References5
NVD
NVD
added 2026/05/10 3:16 a.m.22 views

CVE-2026-8223

A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is the function pcfsesssbidiscoverandsend of the component sm-policies Endpoint. Performing a manipulation results in denial of service. It is possible to initiate the attack remotely. The exploit has been made publi...

7.5CVSS0.00477EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/05/10 2:45 a.m.7 views

CVE-2026-8223 Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send denial of service

A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is the function pcfsesssbidiscoverandsend of the component sm-policies Endpoint. Performing a manipulation results in denial of service. It is possible to initiate the attack remotely. The exploit has been made publi...

6.9CVSS5.6AI score0.00477EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/05/10 2:45 a.m.5 views

CVE-2026-8223

A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is the function pcfsesssbidiscoverandsend of the component sm-policies Endpoint. Performing a manipulation results in denial of service. It is possible to initiate the attack remotely. The exploit has been made publi...

6.9CVSS5.6AI score0.00477EPSS
Exploits1References5
CVE
CVE
added 2026/05/10 2:45 a.m.26 views

CVE-2026-8223

CVE-2026-8223 affects Open5GS up to 2.7.7; the vulnerable component is sm-policies Endpoint, function pcf_sess_sbi_discover_and_send. Manipulation leads to denial of service and can be triggered remotely. An exploit has been publicized. Public details in Red Hat EUVD/NVD entries confirm the issue...

7.5CVSS5.6AI score0.00477EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/05/10 2:45 a.m.53 views

CVE-2026-8223 Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send denial of service

A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is the function pcfsesssbidiscoverandsend of the component sm-policies Endpoint. Performing a manipulation results in denial of service. It is possible to initiate the attack remotely. The exploit has been made publi...

6.9CVSS0.00477EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/05/10 2:30 a.m.9 views

CVE-2026-8222 Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_management_handle_register denial of service

A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function pcfnbsfmanagementhandleregister of the file src/pcf/nbsf-handler.c of the component sm-policies Endpoint. Such manipulation leads to denial of service. The attack may be performed from remote. The exploit has been...

6.9CVSS5.5AI score0.00477EPSS
Exploits1References5
CVE
CVE
added 2026/05/10 2:30 a.m.24 views

CVE-2026-8222

Open5GS

7.5CVSS5.5AI score0.00477EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/05/10 2:30 a.m.49 views

CVE-2026-8222 Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_management_handle_register denial of service

A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function pcfnbsfmanagementhandleregister of the file src/pcf/nbsf-handler.c of the component sm-policies Endpoint. Such manipulation leads to denial of service. The attack may be performed from remote. The exploit has been...

6.9CVSS0.00477EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.16 views

PT-2026-39440

Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.8 Description A remote denial of service can be triggered in the sm-policies endpoint. The issue exists within the pcf nbsf management handle register function located in the src/pcf/nbsf-handler.c file...

7.5CVSS6.1AI score0.00477EPSS
Exploits1References11
CNNVD
CNNVD
added 2026/05/10 12:0 a.m.16 views

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for Lte/Nr networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from a function in the sm-policies Endpoint component, specifically t...

7.5CVSS6.1AI score0.00477EPSS
Exploits1References1
Rows per page
Query Builder