CVE-2026-40245
CVE-2026-40245 concerns Free5GC’s UDR service (versions 4.2.1 and below) where an information disclosure occurs via the 5G SBI endpoint GET /nudr-dr/v2/application-data/influenceData/subs-to-notify. When required query parameters are missing, the handler returns a 400 but does not stop execution,...