CVE-2026-44329

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without OAuth2/bearer-token authorization middleware. A network attacker who can reach SMF on the SBI can hit UPI endpoints with no Authorization header at all, and...

CVE-2026-44329

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without OAuth2/bearer-token authorization middleware. A network attacker who can reach SMF on the SBI can hit UPI endpoints with no Authorization header at all, and...

CVE-2026-44321 free5GC: SMF UPI POST /upi/v1/upNodesLinks exits the SMF process on overlapping UE pools (unauthenticated, reachable Fatalf)

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without inbound OAuth2 middleware. The POST /upi/v1/upNodesLinks create-or-update handler accepts attacker-controlled JSON and passes it directly into...

CVE-2026-44328

Summary: CVE-2026-44328 affects free5GC SMF 4.2.1 and is fixed in 4.2.2 via upstream patch PR#199. The SMBI UPI route group was left without inbound OAuth2 middleware, allowing unauthenticated access to delete endpoints. The DELETE /upi/v1/upNodesLinks/{upNodeRef} handler unconditionally derefere...

CVE-2026-44329

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without OAuth2/bearer-token authorization middleware. A network attacker who can reach SMF on the SBI can hit UPI endpoints with no Authorization header at all, and...

EUVD-2026-32569

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without OAuth2/bearer-token authorization middleware. A network attacker who can reach SMF on the SBI can hit UPI endpoints with no Authorization header at all, and...

CVE-2026-44329 free5GC: SMF UPI management interface lacks auth middleware; unauthenticated topology read/write requests reach handlers

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without OAuth2/bearer-token authorization middleware. A network attacker who can reach SMF on the SBI can hit UPI endpoints with no Authorization header at all, and...

CVE-2026-44329

CVE-2026-44329 affects free5GC SMF v4.2.1 where the UPI management route group is mounted without OAuth2/bearer-token auth. Consequently, unauthenticated requests to /upi/v1/upNodesLinks (GET, POST with attacker-controlled payload, DELETE /upi/v1/upNodesLinks/{nodeID}) can reach SMF business hand...

CVE-2026-44329 free5GC: SMF UPI management interface lacks auth middleware; unauthenticated topology read/write requests reach handlers

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without OAuth2/bearer-token authorization middleware. A network attacker who can reach SMF on the SBI can hit UPI endpoints with no Authorization header at all, and...

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the lack of an OAuth2/bearer-token authorization middleware when SMF mounted UPI management routing groups,...

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from SMF failing to include the necessary inbound OAuth2 middleware when mounting UPI management routing groups. Th...

PT-2026-42379

free5GC's SMF UPI management interface lacks auth middleware; unauthenticated topology read/write requests reach handlers in github.com/free5gc/smf...

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization due to the absence of authentication and authorization checks in the UPI management interface. An attacker can gain unauthorized access to read, modify, or delete UP-node and link topology data by sending...

GHSA-44QJ-CGHF-9P97 free5GC's SMF UPI POST /upi/v1/upNodesLinks exits the SMF process on overlapping UE pools (unauthenticated, reachable Fatalf)

Summary free5GC's SMF mounts the UPI management route group without inbound OAuth2 middleware same root cause as free5gc/free5gc887. The POST /upi/v1/upNodesLinks create-or-update handler accepts attacker-controlled JSON and passes it directly into UpNodesFromConfiguration, which calls...

PT-2026-39251

Name of the Vulnerable Software and Affected Versions free5GC versions prior to 4.2.2 Description The Session Management Function SMF in free5GC mounts the UPI management route group without inbound OAuth2 middleware, allowing unauthenticated access. The POST endpoint '/upi/v1/upNodesLinks' accep...

PT-2026-39259

Name of the Vulnerable Software and Affected Versions free5GC version 4.2.1 Description The Session Management Function SMF mounts the UPI management route group without OAuth2 or bearer-token authorization middleware. This allows a network attacker with access to the Service Based Interface SBI ...

CVE-2025-67969 WordPress UPI QR Code Payment Gateway for WooCommerce plugin <= 1.5.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in knitpay UPI QR Code Payment Gateway for WooCommerce upi-qr-code-payment-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UPI QR Code Payment Gateway for WooCommerce: from n/a through = 1.5.1...

CVE-2025-67969 WordPress UPI QR Code Payment Gateway for WooCommerce plugin <= 1.5.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in knitpay UPI QR Code Payment Gateway for WooCommerce upi-qr-code-payment-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UPI QR Code Payment Gateway for WooCommerce: from n/a through = 1.5.1...

CVE-2025-67969

CVE-2025-67969 is a Missing Authorization (Broken Access Control) vulnerability in the WordPress plugin UPI QR Code Payment Gateway for WooCommerce (upi-qr-code-payment-for-woocommerce)

PT-2026-21043

Name of the Vulnerable Software and Affected Versions knitpay UPI QR Code Payment Gateway for WooCommerce versions through 1.5.1 Description The software contains a missing authorization issue related to incorrectly configured access control security levels. This allows for exploitation of the...