← Back

CVE-2026-1683

nvd nist
Published: Jan 30, 2026Modified: Feb 23, 2026

JSON object

Loading...
5.5
Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Show more
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less
Source: CNA (Secondary)

Description

A vulnerability has been found in Free5GC SMF up to 4.1.0. Affected by this vulnerability is the function HandlePfcpSessionReportRequest of the file internal/pfcp/handler/handler.go of the component PFCP. The manipulation leads to denial of service. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. To fix this issue, it is recommended to deploy a patch.

Affected (1)

Products: Free5gc: Free5gc
Free5gc
1 product
Free5gc
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Free5gc
Up to 4.1.0

Related CWEs

CWE-404
Improper Resource Shutdown or Release
The product does not release or incorrectly releases a resource before it is made available for re-use.

References (8)

Source: cna@vuldb.com
ExploitIssue Tracking
Source: cna@vuldb.com
ExploitIssue TrackingVendor Advisory
Source: cna@vuldb.com
Source: cna@vuldb.com
Issue Tracking
Source: cna@vuldb.com
Permissions RequiredVDB Entry
Source: cna@vuldb.com
Third Party AdvisoryVDB Entry
Source: cna@vuldb.com
Third Party AdvisoryVDB Entry
Source: cna@vuldb.com
Third Party AdvisoryVDB Entry

Timeline

No history available yet.