CVE-2026-1683

Source
https://cve.org/CVERecord?id=CVE-2026-1683
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-1683.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-1683
Published
2026-01-30T14:02:09.654Z
Modified
2026-07-15T01:49:20.862034332Z
Severity
  • 5.5 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P CVSS Calculator
Summary
Free5GC SMF PFCP handler.go HandlePfcpSessionReportRequest denial of service
Details

A vulnerability has been found in Free5GC SMF up to 4.1.0. Affected by this vulnerability is the function HandlePfcpSessionReportRequest of the file internal/pfcp/handler/handler.go of the component PFCP. The manipulation leads to denial of service. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. To fix this issue, it is recommended to deploy a patch.

Database specific
{
    "cwe_ids": [
        "CWE-404"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/1xxx/CVE-2026-1683.json",
    "cna_assigner": "VulDB"
}
References

Affected packages

Git / github.com/free5gc/free5gc

Affected ranges

Type
GIT
Repo
https://github.com/free5gc/free5gc
Events
Database specific
{
    "cpe": "cpe:2.3:a:free5gc:free5gc:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "4.0"
        },
        {
            "last_affected": "4.0"
        },
        {
            "introduced": "4.1.0"
        },
        {
            "last_affected": "4.1.0"
        },
        {
            "introduced": "0"
        }
    ],
    "source": [
        "AFFECTED_FIELD",
        "CPE_RANGE"
    ]
}

Affected versions

4.*
4.0
4.1.0
v4.*
v4.0.0
v4.0.1
v4.1.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-1683.json"