cvebase

Github.Com Free5Gc Smf vulnerabilities

3 known vulnerabilities affecting github.com/free5gc_smf.

Total CVEs: 3
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 2

Vulnerabilities

CVE-2026-44329 | P2 | CRITICAL | ≥ 0, < 1.4.3 | 2026-05-08
CVE-2026-44329 [CRITICAL] CWE-306 free5GC's SMF UPI management interface lacks auth middleware; unauthenticated topology read/write requests reach handlers
### Summary
free5GC's SMF mounts the `UPI` management route group without OAuth2/bearer-token authorization middleware. A network attacker who can reach SMF on the SBI can hit `UPI` endpoints with no `Authorization` heade
ghsa
CVE-2026-44328 | P3 | HIGH | ≥ 0, < 1.4.3 | 2026-05-08
CVE-2026-44328 [HIGH] CWE-306 free5GC's SMF UPI DELETE /upi/v1/upNodesLinks/{ref} panics on AN-node deletion via nil UPF dereference; unauthenticated, state-mutating
### Summary
free5GC's SMF mounts the `UPI` management route group without inbound OAuth2 middleware (same root cause as the broader UPI auth gap reported in free5gc/free5gc#887). On top of that, th
ghsa
CVE-2026-44321 | P3 | HIGH | ≥ 0, ≤ 1.4.3 | 2026-05-08
CVE-2026-44321 [HIGH] CWE-306 free5GC's SMF UPI POST /upi/v1/upNodesLinks exits the SMF process on overlapping UE pools (unauthenticated, reachable Fatalf)
### Summary
free5GC's SMF mounts the `UPI` management route group without inbound OAuth2 middleware (same root cause as free5gc/free5gc#887). The `POST /upi/v1/upNodesLinks` create-or-update handler accepts attacker-c
ghsa