Package impact
Go / github.com/free5gc/pcf
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-42083 | high | 8.2 | 8.2 | 1d ago | Free5GC PCF: Missing authentication middleware in Npcf_SMPolicyControl allows access to SM policy handlers and disclosure of subscriber SUPI | |
| CVE-2026-44316 | high | 7.5 | 7.5 | 1d ago | free5GC's PCF npcf-smpolicycontrol POST /sm-policies panics on downstream UDR/OpenAPI 404 via nil pointer dereference | |
| CVE-2026-44317 | medium | 6.5 | 6.5 | 1d ago | free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's PCF POST /npcf-policyauthorization/v1/app-sessions handler panics on a single authenticated request whose as… |