Vulnerability in Free5gc Udr

CVE-2026-40343

free5GC UDR is the user data repository (UDR) for free5GC, an an open-source project for 5th generation (5G) mobile core networks. In versions up to and including 1.4.2, a fail-open request handling flaw in the UDR service causes the `/nud…

EPSS: 0.001 (18.8th percentile) — read the EPSS interpretation.

Affected products

Free5gc Udr — versions <= 1.4.2

Weakness classification (CWE)

CWE-754 — Improper Check for Unusual or Exceptional Conditions

References

https://github.com/free5gc/free5gc/security/advisories/GHSA-jwch-w7wh-gqjm (x_refsource_CONFIRM)