Launch Week Day 1: Announcing Security Design Review
Start for Free
go

github.com/free5gc/pcf

View on go registry
6 Total advisories
6 Vulnerabilities
0 Malware

Vulnerabilities

HIGH 7.5
Go

CVE-2026-44316

free5GC's PCF npcf-smpolicycontrol POST /sm-policies panics on downstream UDR/OpenAPI 404 via nil pointer dereference
MEDIUM 6.5
Go

CVE-2026-44317

free5GC's PCF npcf-policyauthorization POST /app-sessions panics on suppFeat=1 with missing AfRoutReq via nil pointer dereference
HIGH 8.2
Go

CVE-2026-42083

Free5GC PCF: Missing authentication middleware in Npcf_SMPolicyControl allows access to SM policy handlers and disclosure of subscriber SUPI
HIGH 7.5
Go

CVE-2026-41135

free5GC PCF: Memory Leak via CORS Middleware Registration in HTTP Handler Leads to Denial of Service
UNKNOWN
Go

CVE-2025-60632

Free5GC is vulnerable to DoS through its Npcf_BDTPolicyControl POST API in github.com/free5gc/pcf
MEDIUM 6.5
Go

CVE-2025-60632

Free5GC is vulnerable to DoS through its Npcf_BDTPolicyControl POST API

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes