Denial of Service Vulnerability in Free5GC SMF by Free5GC
CVE-2026-1684

6.9MEDIUM

Key Information:

Vendor: Free5gc
Status: Smf
Vendor: CVE Published:; 30 January 2026

What is CVE-2026-1684?

A security issue has been identified in Free5GC SMF versions up to 4.1.0, specifically in the HandleReports function within the PFCP UDP Endpoint component. This vulnerability allows a remote attacker to exploit the system, leading to a denial of service situation. Users of affected versions are highly encouraged to implement available patches to mitigate the risk.

Affected Version(s)

SMF 4.0

SMF 4.1.0

References

https://vuldb.com/?id.343477

vdb-entrytechnical-description

https://vuldb.com/?ctiid.343477

signaturepermissions-required

https://vuldb.com/?submit.739655

third-party-advisory

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 30, 2026
Vulnerability Reserved
Jan 30, 2026

Credit

ZiyuLin (VulDB User)

CVE-2026-1684 Data

JSON

Free5gc

What is CVE-2026-1684?

Affected Version(s)

References

CVSS V4

Timeline

Credit