pkg:Go/github.com/free5gc/pcf

6 total CVEsHIGH3MEDIUM3

✅ Check your installed version

All known vulnerabilities

  • HIGH8.2CVE-2026-42083Free5GC PCF: Missing authentication middleware in Npcf_SMPolicyControl allows access to SM policy handlers and disclosure of subscriber SUPI
    from 0, < 1.4.3
  • HIGH7.5CVE-2026-44316free5GC's PCF npcf-smpolicycontrol POST /sm-policies panics on downstream UDR/OpenAPI 404 via nil pointer dereference
    from 0, < 1.4.2
  • HIGH7.5CVE-2026-41135free5GC PCF: Memory Leak via CORS Middleware Registration in HTTP Handler Leads to Denial of Service
    from 0, < 1.4.3
  • MEDIUM6.5CVE-2026-44317free5GC's PCF npcf-policyauthorization POST /app-sessions panics on suppFeat=1 with missing AfRoutReq via nil pointer dereference
    from 0, < 1.4.3
  • MEDIUM6.5CVE-2025-60632Free5GC is vulnerable to DoS through its Npcf_BDTPolicyControl POST API in github.com/free5gc/pcf
    from 0, < 1.4.0
  • MEDIUM6.5CVE-2025-60632Free5GC is vulnerable to DoS through its Npcf_BDTPolicyControl POST API in github.com/free5gc/pcf
    from 0, < 1.4.0