Launch Week Day 1: Announcing Security Design Review
Start for Free
go

github.com/free5gc/smf

View on go registry
4 Total advisories
4 Vulnerabilities
0 Malware

Vulnerabilities

HIGH 7.5
Go

CVE-2026-44321

free5GC's SMF UPI POST /upi/v1/upNodesLinks exits the SMF process on overlapping UE pools (unauthenticated, reachable Fatalf)
HIGH 8.2
Go

CVE-2026-44328

free5GC's SMF UPI DELETE /upi/v1/upNodesLinks/{ref} panics on AN-node deletion via nil UPF dereference; unauthenticated, state-mutating
CRITICAL 10.0
Go

CVE-2026-44329

free5GC's SMF UPI management interface lacks auth middleware; unauthenticated topology read/write requests reach handlers
UNKNOWN
Go

CVE-2026-44329

free5GC's SMF UPI management interface lacks auth middleware; unauthenticated topology read/write requests reach handlers in github.com/free5gc/smf

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes