CVE-2026-40343

Source
https://cve.org/CVERecord?id=CVE-2026-40343
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-40343.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-40343
Aliases
Published
2026-04-21T23:47:33.125Z
Modified
2026-07-15T01:49:07.152759581Z
Severity
  • 6.9 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N CVSS Calculator
Summary
free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation
Details

free5GC UDR is the user data repository (UDR) for free5GC, an an open-source project for 5th generation (5G) mobile core networks. In versions up to and including 1.4.2, a fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue processing requests even after request body retrieval or deserialization errors. This may allow unintended creation of Policy Data notification subscriptions with invalid, empty, or partially processed input, depending on downstream processor behavior. As of time of publication, a patched version is not available.

Database specific
{
    "cwe_ids": [
        "CWE-754"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/40xxx/CVE-2026-40343.json",
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "last_affected": "1.4.2"
                }
            ],
            "source": "AFFECTED_FIELD"
        }
    ],
    "cna_assigner": "GitHub_M"
}
References

Affected packages

Git / github.com/free5gc/free5gc

Affected ranges

Type
GIT
Repo
https://github.com/free5gc/free5gc
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "cpe": "cpe:2.3:a:free5gc:free5gc:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.2.1"
        }
    ],
    "source": "CPE_RANGE"
}

Affected versions

v3.*
v3.0.5
v3.0.6
v3.0.7
v3.1.0
v3.1.1
v3.2.0
v3.2.1
v3.3.0
v3.4.0
v3.4.1
v3.4.2
v3.4.3
v3.4.4
v3.4.5
v4.*
v4.0.0
v4.0.1
v4.1.0
v4.2.0
v4.2.1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-40343.json"

Git / github.com/free5gc/udr

Affected ranges

Type
GIT
Repo
https://github.com/free5gc/udr
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "cpe": "cpe:2.3:a:free5gc:udr:*:*:*:*:*:go:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.4.2"
        }
    ],
    "source": "CPE_RANGE"
}

Affected versions

v.*
v.1.2.5
v1.*
v1.0.0
v1.0.1
v1.0.2
v1.1.0
v1.1.1
v1.2.0
v1.2.1
v1.2.2
v1.2.3
v1.2.4
v1.3.0
v1.3.1
v1.3.2
v1.4.0
v1.4.1
v1.4.2

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-40343.json"