CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/05/27 3:41 p.m.•36 views

CVE-2026-44326 free5GC: NEF 3gpp-traffic-influence API is unauthenticated; missing or forged bearer tokens can create, read, patch, and delete subscriptions

9.4CVSS0.00045EPSS

ATTACKERKB•added 2026/05/27 3:41 p.m.•6 views

CVE-2026-44326

Exploits1References4Affected Software1

EUVD•added 2026/05/27 3:41 p.m.•6 views

EUVD-2026-32572

CVE•added 2026/05/27 3:41 p.m.•8 views

CVE-2026-44326

CVE-2026-44326 affects free5gc NEF 3gpp-traffic-influence API. Prior to version 4.2.2, the NEF mounts the 3gpp-traffic-influence endpoint without inbound OAuth2/bearer-token authorization. An unauthenticated or forged-token request reachable on the SBI can create, read, patch, and delete traffic-...

Exploits1References3Affected Software1

Vulnrichment•added 2026/05/27 3:41 p.m.•3 views

CVE-2026-44326 free5GC: NEF 3gpp-traffic-influence API is unauthenticated; missing or forged bearer tokens can create, read, patch, and delete subscriptions

CNNVD•added 2026/05/27 12:0 a.m.•4 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the lack of inbound OAuth2/Bearer-token authorization when the NEF module mounted the 3gpp-traffic-influence...

Veracode•added 2026/05/16 5:32 a.m.•10 views

Information Disclosure

Free5GC is vulnerable to Information Disclosure. The vulnerability is due to improper request handling in the UDR endpoint GET /nudr-dr/v2/application-data/influenceData/subs-to-notify, where error responses for missing or malformed parameters do not terminate execution. As a result, processing...

7.5CVSS5.8AI score0.00047EPSS

Exploits1References1Affected Software1

Veracode•added 2026/05/16 5:30 a.m.•5 views

Improper Access Control

github.com/free5gc/udr is vulnerable to Improper Access Control. The vulnerability is due to improper request handling in the Traffic Influence Subscription deletion endpoint, which allows an attacker to bypass validation and delete arbitrary subscriptions despite receiving a misleading 404...

8.7CVSS5.9AI score0.00034EPSS

Exploits1References1Affected Software1

Github Security Blog•added 2026/05/08 10:58 p.m.•7 views

free5GC's NEF 3gpp-traffic-influence API is unauthenticated; missing or forged bearer tokens can create, read, patch, and delete subscriptions

Summary free5GC's NEF mounts the 3gpp-traffic-influence API without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can create, read, patch, and delete traffic-influence subscriptions either with no Authorization header at all, or with a forged bearer...

Exploits1References4Affected Software1

Snyk•added 2026/05/08 10:58 p.m.•3 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization in the 3gpp-traffic-influence API route group, which lacks inbound authorization checks. An attacker can create, read, modify, or delete traffic-influence subscriptions by sending unauthenticated or forged requests...

Snyk•added 2026/05/08 10:58 p.m.•4 views

Missing Authorization

Snyk•added 2026/05/08 10:58 p.m.•3 views

Missing Authorization

OSV•added 2026/05/08 10:58 p.m.•3 views

GHSA-3P28-73Q7-45XP free5GC's NEF 3gpp-traffic-influence API is unauthenticated; missing or forged bearer tokens can create, read, patch, and delete subscriptions

Snyk•added 2026/05/08 10:58 p.m.•3 views

Exploits1References4

Missing Authorization

Positive Technologies•added 2026/05/08 12:0 a.m.•8 views

PT-2026-39256

Name of the Vulnerable Software and Affected Versions free5GC versions prior to 4.2.2 Description The Network Exposure Function NEF mounts the '3gpp-traffic-influence' API without requiring inbound OAuth2 or bearer-token authorization. A network attacker with access to the NEF on the Service Base...

RedhatCVE•added 2026/04/20 7:22 p.m.•1 views

Exploits1References6

CVE-2026-40248

free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the handler for creating or updating Traffic Influence Subscriptions checks whether the influenceId path segment equals subs-to-notify, but does not return after sending the HTTP 404...

8.7CVSS5.9AI score0.00042EPSS

Exploits1References1

RedhatCVE•added 2026/04/18 7:22 a.m.•0 views

CVE-2026-40246

free5GC is an open-source implementation of the 5G core network. In versions 1.4.2 and below of the UDR service, the handler for deleting Traffic Influence Subscriptions checks whether the influenceId path segment equals subs-to-notify, but does not return after sending the HTTP 404 response when...

8.7CVSS5.9AI score0.00034EPSS

Exploits1References1

Snyk•added 2026/04/16 11:38 p.m.•2 views

Improper Authorization

Overview Affected versions of this package are vulnerable to Improper Authorization in the handler for creating or updating Traffic Influence Subscriptions due to improper validation of the influenceId path segment. An attacker can create or overwrite arbitrary Traffic Influence Subscriptions,...

8.7CVSS5.7AI score0.00042EPSS

Snyk•added 2026/04/16 11:38 p.m.•1 views

Improper Authorization

Overview Affected versions of this package are vulnerable to Improper Authorization in the handler responsible for reading Traffic Influence Subscriptions. An attacker can access sensitive subscription data, including SUPIs/IMSIs, DNNs, S-NSSAIs, and callback URIs, by supplying arbitrary values f...

8.7CVSS5.6AI score0.00043EPSS