pkg:Go/github.com/free5gc/smf

4 total CVEsCRITICAL2HIGH2

✅ Check your installed version

All known vulnerabilities

  • CRITICAL10.0CVE-2026-44329free5GC's SMF UPI management interface lacks auth middleware; unauthenticated topology read/write requests reach handlers
    from 0, < 1.4.3
  • CRITICAL10.0CVE-2026-44329free5GC's SMF UPI management interface lacks auth middleware; unauthenticated topology read/write requests reach handlers
    from 0, < 1.4.3
  • HIGH8.2CVE-2026-44328free5GC's SMF UPI DELETE /upi/v1/upNodesLinks/{ref} panics on AN-node deletion via nil UPF dereference; unauthenticated, state-mutating
    from 0, < 1.4.3
  • HIGH7.5CVE-2026-44321free5GC's SMF UPI POST /upi/v1/upNodesLinks exits the SMF process on overlapping UE pools (unauthenticated, reachable Fatalf)
    from 0, <= 1.4.3