CVE-2026-40343

MEDIUM EPSS 95.0%
Published Apr 22, 2026 (2mo ago) · Modified Jun 17, 2026 (1w ago)
6.9 CVSS 4.0
Medium

Description

free5GC UDR is the user data repository (UDR) for free5GC, an open-source project for 5th generation (5G) mobile core networks. In versions up to and including 1.4.2, a fail-open request handling flaw in the UDR service causes the `/nudr-dr/v2/policy-data/subs-to-notify` POST handler to continue processing requests even after request body retrieval or deserialization errors. This may allow unintended creation of Policy Data notification subscriptions with invalid, empty, or partially processed input, depending on downstream processor behavior. As of time of publication, a patched version is not available.
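
The fail-open pattern described above next to a fail-closed handler, as an added Go example that is not free5GC code. The Store and Subscription types, the notificationUri field and the Post helper are assumptions for illustration, and the truncated JSON body is constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// Subscription and Store are hypothetical stand-ins, not free5GC types.
type Subscription struct{ NotificationURI string `json:"notificationUri"` }
type Store struct{ Subs []Subscription }

// FailOpen reports a read/decode error but keeps processing (CWE-754 pattern).
func (s *Store) FailOpen(w http.ResponseWriter, r *http.Request) {
	var sub Subscription
	if err := json.NewDecoder(r.Body).Decode(&sub); err != nil {
		http.Error(w, "bad body", http.StatusBadRequest) // no return here
	}
	s.Subs = append(s.Subs, sub) // reached even when sub is empty
	w.WriteHeader(http.StatusCreated)
}

// FailClosed stops on any read/decode error and rejects an empty URI.
func (s *Store) FailClosed(w http.ResponseWriter, r *http.Request) {
	var sub Subscription
	if err := json.NewDecoder(r.Body).Decode(&sub); err != nil || sub.NotificationURI == "" {
		http.Error(w, "bad body", http.StatusBadRequest)
		return // nothing is stored
	}
	s.Subs = append(s.Subs, sub)
	w.WriteHeader(http.StatusCreated)
}

// Post sends a constructed body to h and returns the recorded status code.
func Post(h http.HandlerFunc, body string) int {
	rec := httptest.NewRecorder()
	h(rec, httptest.NewRequest(http.MethodPost, "/nudr-dr/v2/policy-data/subs-to-notify", strings.NewReader(body)))
	return rec.Code
}

func main() {
	open, closed := &Store{}, &Store{}
	bad := `{"notificationUri": ` // constructed, truncated JSON
	fmt.Println(Post(open.FailOpen, bad), len(open.Subs))
	fmt.Println(Post(closed.FailClosed, bad), len(closed.Subs))
}
```

Both handlers answer the malformed request with 400, but only the fail-open one leaves an empty subscription behind, so the response status alone does not reveal the state change.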

CVSS Details

Base Score
6.9
Exploitability
Impact
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
95.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-754

Affected Products 2

Vendor    Product   Version   Range
free5gc   free5gc   *         ≤4.2.1
free5gc   udr       *         ≤1.4.2

References 1

  • github.com https://github.com/free5gc/free5gc/security/advisories/GHSA-jwch-w7wh-gqjm
    Mitigation · Patch · Vendor Advisory

Remediation

  • github.com https://github.com/free5gc/free5gc/security/advisories/GHSA-jwch-w7wh-gqjm
    Mitigation · Patch · Vendor Advisory