Vulnerability in Free5gc

CVE-2026-33064

Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions prior to 1.4.2 are vulnerable to procedure panic caused by Nil Pointer Dereference in the /sdm-subscriptions endpoint. A remote attac…

EPSS: 0.003 (54.7th percentile) — read the EPSS interpretation.

Affected products

Free5gc — versions < 1.4.2

Weakness classification (CWE)

CWE-478

References

https://github.com/free5gc/free5gc/security/advisories/GHSA-7g27-v5wj-jr75 (x_refsource_CONFIRM)
https://github.com/free5gc/free5gc/issues/781 (x_refsource_MISC)
https://github.com/free5gc/udm/pull/78 (x_refsource_MISC)
https://github.com/free5gc/udm/commit/65d7070f4bfd016864cbbaefbd506bbc85d2fa92 (x_refsource_MISC)