CVE-2026-40249 | Free5GC up to 4.2.1 UDR Service {subsId} unusual condition (GHSA-gx38-8h33-pmxr)

A vulnerability described as critical has been identified in Free5GC up to 4.2.1. Impacted is an unknown function of the file /nudr-dr/v2/policy-data/subs-to-notify/{subsId} of the component UDR Service. The manipulation results in improper check for unusual conditions.

This vulnerability was named CVE-2026-40249. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More