{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T03:03:03.113","vulnerabilities":[{"cve":{"id":"CVE-2026-27642","sourceIdentifier":"security-advisories@github.com","published":"2026-02-24T01:16:15.390","lastModified":"2026-02-25T16:44:26.120","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th generation (5G) mobile core networks. In versions up to and including 1.4.1, remote attackers can inject control characters (e.g., %00) into the supi parameter, triggering internal URL parsing errors (net/url: invalid control character). This exposes system-level error details and can be used for service fingerprinting. All deployments of free5GC using the UDM Nudm_UEAU service may be affected. free5gc/udm pull request 75 contains a fix for the issue. No direct workaround is available at the application level. Applying the official patch is recommended."},{"lang":"es","value":"free5gc UDM proporciona Gestión Unificada de Datos (UDM) para free5GC, un proyecto de código abierto para redes centrales móviles de quinta generación (5G). En versiones hasta la 1.4.1 inclusive, atacantes remotos pueden inyectar caracteres de control (p. ej., %00) en el parámetro supi, desencadenando errores internos de análisis de URL (net/url: invalid control character). Esto expone detalles de errores a nivel de sistema y puede utilizarse para el fingerprinting de servicios. Todas las implementaciones de free5GC que utilizan el servicio UDM Nudm_UEAU pueden verse afectadas. free5gc/udm pull request 75 contiene una corrección para el problema. No hay una solución alternativa directa disponible a nivel de aplicación. Se recomienda aplicar el parche oficial."}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.6,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:free5gc:udm:*:*:*:*:*:go:*:*","versionEndIncluding":"1.4.1","matchCriteriaId":"D54382D2-F895-4384-9D82-597709AAE7A7"}]}]}],"references":[{"url":"https://github.com/free5gc/free5gc/issues/749","source":"security-advisories@github.com","tags":["Exploit","Issue Tracking","Vendor Advisory"]},{"url":"https://github.com/free5gc/free5gc/security/advisories/GHSA-h4wg-rp7m-8xx4","source":"security-advisories@github.com","tags":["Vendor Advisory"]},{"url":"https://github.com/free5gc/udm/commit/a7af2321ddea6368c43835f90f6d1b9d67dd2ea1","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/free5gc/udm/pull/75","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]}]}}]}