| CVE-2026-44327 |
critical |
10.0 |
10.0 |
|
|
|
1d ago |
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-oam route group without inbound OAuth2/bearer-token authorization. A network attacker wh… |
| CVE-2026-44330 |
critical |
10.0 |
10.0 |
|
|
|
1d ago |
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-pfdmanagement route group without inbound OAuth2/bearer-token authorization. A network a… |
| CVE-2026-44315 |
critical |
9.4 |
9.4 |
|
|
|
1d ago |
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the 3gpp-pfd-management API without inbound OAuth2/bearer-token authorization. A network attacker… |
| CVE-2026-44326 |
critical |
9.4 |
9.4 |
|
|
|
1d ago |
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the 3gpp-traffic-influence API without inbound OAuth2/bearer-token authorization. A network attac… |
| CVE-2026-44319 |
high |
7.5 |
7.5 |
|
|
|
1d ago |
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF terminates the entire process when a stored PFD-subscription notifyUri cannot be reached. In PfdChangeNo… |
| CVE-2026-44322 |
high |
7.5 |
7.5 |
|
|
|
1d ago |
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF PATCH /3gpp-pfd-management/v1/{afId}/transactions/{transId}/applications/{appId} handler panics with a n… |
| CVE-2026-44320 |
high |
7.3 |
7.3 |
|
|
|
1d ago |
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-callback route group without inbound OAuth2/bearer-token authorization. A forged or arbi… |