Package impact

Go / github.com/free5gc/udr

CVE	Severity	CVSS	Risk	Published	Description
CVE-2026-44324	medium	6.5	6.5	7d ago	free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's UDR nudr-dr DELETE /subscription-data/{ueId}/{servingPlmnId}/ee-subscriptions/{subsId}/amf-subscriptions han…
CVE-2026-44323	medium	4.3	4.3	7d ago	free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's UDR nudr-dr DELETE /subscription-data/{ueId}/{servingPlmnId}/ee-subscriptions/{subsId}/amf-subscriptions han…
CVE-2026-40343	unknown	—	—	1mo ago	free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation
CVE-2026-40249	unknown	—	—	2mo ago	free5gc UDR fail-open request handling in PolicyDataSubsToNotifySubsIdPut may allow unintended subscription updates after input errors
CVE-2026-40248	unknown	—	—	2mo ago	free5gc UDR improper path validation allows unauthenticated creation and modification of Traffic Influence Subscriptions
CVE-2026-40247	unknown	—	—	2mo ago	free5gc UDR improper path validation allows unauthenticated access to Traffic Influence Subscriptions
CVE-2026-40246	unknown	—	—	2mo ago	free5gc UDR improper path validation allows unauthenticated deletion of Traffic Influence Subscriptions
CVE-2026-40245	unknown	—	—	2mo ago	free5gc UDR nudr-dr influenceData/subs-to-notify leaks SUPI in error response body without authentication