Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Free5GC

Source -

CNA

BOS Name -

N/A

CNA CVEs -

4

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated ProductsRelated AssignersReports
4Vulnerabilities found
CVE-2026-1739
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 21.18%
||
7 Day CHG+0.02%
Published-02 Feb, 2026 | 02:02
Updated-11 Feb, 2026 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Free5GC pcf smpolicy.go HandleCreateSmPolicyRequest null pointer dereference

A vulnerability has been found in Free5GC pcf up to 1.4.1. This affects the function HandleCreateSmPolicyRequest of the file internal/sbi/processor/smpolicy.go. The manipulation leads to null pointer dereference. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is df535f5524314620715e842baf9723efbeb481a7. Applying a patch is the recommended action to fix this issue.

Action-Not Available
Vendor-free5gcFree5GC
Product-pcfpcf
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-1684
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 22.58%
||
7 Day CHG~0.00%
Published-30 Jan, 2026 | 14:32
Updated-04 Feb, 2026 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Free5GC SMF PFCP UDP Endpoint pfcp_reports.go HandleReports denial of service

A vulnerability was found in Free5GC SMF up to 4.1.0. Affected by this issue is the function HandleReports of the file /internal/context/pfcp_reports.go of the component PFCP UDP Endpoint. The manipulation results in denial of service. The attack can be executed remotely. It is advisable to implement a patch to correct this issue.

Action-Not Available
Vendor-Free5GC
Product-SMF
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2026-1683
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 22.58%
||
7 Day CHG~0.00%
Published-30 Jan, 2026 | 14:02
Updated-04 Feb, 2026 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Free5GC SMF PFCP handler.go HandlePfcpSessionReportRequest denial of service

A vulnerability has been found in Free5GC SMF up to 4.1.0. Affected by this vulnerability is the function HandlePfcpSessionReportRequest of the file internal/pfcp/handler/handler.go of the component PFCP. The manipulation leads to denial of service. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. To fix this issue, it is recommended to deploy a patch.

Action-Not Available
Vendor-Free5GC
Product-SMF
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2026-1682
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.06% / 19.12%
||
7 Day CHG~0.00%
Published-30 Jan, 2026 | 14:02
Updated-04 Feb, 2026 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Free5GC SMF PFCP UDP Endpoint handler.go HandlePfcpAssociationReleaseRequest null pointer dereference

A flaw has been found in Free5GC SMF up to 4.1.0. Affected is the function HandlePfcpAssociationReleaseRequest of the file internal/pfcp/handler/handler.go of the component PFCP UDP Endpoint. Executing a manipulation can lead to null pointer dereference. The attack may be launched remotely. The exploit has been published and may be used. A patch should be applied to remediate this issue.

Action-Not Available
Vendor-Free5GC
Product-SMF
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-476
NULL Pointer Dereference