CVE-2026-40343
Status: Received - Intake
Fail-Open Request Handling Flaw in free5GC UDR Service

Publication date: 2026-04-22

Last updated on: 2026-04-23

Assigner: GitHub, Inc.

Description
free5GC UDR is the user data repository (UDR) for free5GC, an open-source project for 5th generation (5G) mobile core networks. In versions up to and including 1.4.2, a fail-open request handling flaw in the UDR service causes the `/nudr-dr/v2/policy-data/subs-to-notify` POST handler to continue processing a request even after the request body could not be retrieved or deserialized. This may allow unintended creation of Policy Data notification subscriptions from invalid, empty, or partially processed input, depending on downstream processor behavior. As of the time of publication, a patched version is not available.
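The flaw class the description names, shown as an added Go example that is not free5GC's code: a hypothetical subs-to-notify handler that only logs a body decode error and keeps going (fail-open) beside one that returns before any state changes (fail-closed). The subscription struct, its field name and the in-memory slice used as the store are assumptions; the request bodies are constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// PolicyDataSubscription is a hypothetical stand-in for the subs-to-notify request body; the field name is assumed.
type PolicyDataSubscription struct{ NotificationUri string `json:"notificationUri"` }

// failOpen mirrors the flaw class the advisory describes (illustrative, not free5GC's code): a body read or
// decode error is only logged, so processing continues and a zero-valued subscription is still stored.
func failOpen(subs *[]PolicyDataSubscription) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		var sub PolicyDataSubscription
		if err := json.NewDecoder(r.Body).Decode(&sub); err != nil {
			fmt.Println("decode error:", err) // logged, but the handler does not return
		}
		*subs = append(*subs, sub) // reached with an empty sub on a malformed or empty body
		w.WriteHeader(http.StatusCreated)
	}
}

// failClosed returns on a read or decode error before any state changes, and also rejects a
// well-formed body that lacks the required URI (the CWE-754 fix: check the exceptional condition).
func failClosed(subs *[]PolicyDataSubscription) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		var sub PolicyDataSubscription
		err := json.NewDecoder(http.MaxBytesReader(w, r.Body, 1<<16)).Decode(&sub)
		if err != nil || sub.NotificationUri == "" {
			http.Error(w, "invalid subscription", http.StatusBadRequest)
			return
		}
		*subs = append(*subs, sub)
		w.WriteHeader(http.StatusCreated)
	}
}

// post sends a constructed body through a handler and returns the HTTP status and the number of stored subscriptions.
func post(mk func(*[]PolicyDataSubscription) http.HandlerFunc, body string) (int, int) {
	var subs []PolicyDataSubscription
	rec := httptest.NewRecorder()
	req := httptest.NewRequest(http.MethodPost, "/nudr-dr/v2/policy-data/subs-to-notify", strings.NewReader(body))
	mk(&subs).ServeHTTP(rec, req)
	return rec.Code, len(subs)
}
```

Running `post(failOpen, "not json")` yields status 201 with one stored subscription, while `post(failClosed, "not json")` yields 400 with none stored.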
Meta Information
Published: 2026-04-22
Last Modified: 2026-04-23
Generated: 2026-05-07
AI Q&A: 2026-04-22
EPSS Evaluated: 2026-05-05
NVD
Affected Vendors & Products (2 associated CPEs)
Vendor    Product    Version / Range
free5gc   free5gc    up to and including 4.2.1
free5gc   udr        up to and including 1.4.2
CWE
CWE-754: The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.
AI Powered Q&A
Can you explain this vulnerability to me?

The vulnerability exists in free5GC UDR, the user data repository component of the free5GC open-source 5G core network project. In versions up to and including 1.4.2, there is a fail-open flaw in the handling of POST requests to the /nudr-dr/v2/policy-data/subs-to-notify endpoint. Specifically, even if there are errors retrieving or deserializing the request body, the service continues processing the request. This can lead to the unintended creation of Policy Data notification subscriptions with invalid, empty, or partially processed input, depending on how downstream processors handle the data.

How can this vulnerability impact me?

This vulnerability can impact you by allowing the creation of invalid or malformed Policy Data notification subscriptions within the free5GC UDR service. Such unintended subscriptions could cause incorrect or unexpected behavior in the 5G core network's policy management functions, potentially leading to service disruptions, incorrect policy enforcement, or other operational issues depending on how downstream components process these invalid subscriptions.

What immediate steps should I take to mitigate this vulnerability?

As of the time of publication, a patched version of free5GC UDR is not available.

Immediate mitigation steps are not specified in the provided information.