CVE-2026-2525

EUVD-2026-6138
A vulnerability has been found in Free5GC up to 4.1.0. This affects an unknown function of the component PFCP UDP Endpoint. Such manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
VulDBCNA
5.3 MEDIUM
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
Affected Products (NVD)
VendorProductVersion
free5gcfree5gc
𝑥
≤ 4.1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/free5gc/free5gc/
https://github.com/free5gc/free5gc/issues/796
https://github.com/free5gc/free5gc/issues/796#issue-3812169865
https://vuldb.com/?ctiid.346113
https://vuldb.com/?id.346113
https://vuldb.com/?submit.739509