CVE-2026-42459 PUBLISHED

free5GC: Improper Input Validation and Generation of Error Message Containing Sensitive Information in github.com/free5gc/udm

Assigner: GitHub_M
Reserved: 27.04.2026 Published: 27.05.2026 Updated: 28.05.2026

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the free5GC UDM component fails to validate the supi path parameter in six GET handlers of the nudm-sdm (Subscriber Data Management) service. An unauthenticated attacker can inject control characters into the SUPI parameter, causing UDM to forward a malformed request to UDR and return a 500 Internal Server Error response that exposes internal infrastructure details. This vulnerability is fixed in 4.2.2.

Metrics

CVSS 4.0

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
CVSS Score: 7.7

Exploitability Metrics		Vulnerable System Impact Metrics		Subsequent System Impact Metrics
Attack Vector	Network	Confidentiality	High	Confidentiality	None
Attack Complexity	Low	Integrity	None	Integrity	None
Attack Requirements	None	Availability	None	Availability	None
Privileges Required	None
User Interaction	None

CVSS 4.0

Product Status

Vendor	free5gc
Product	free5gc
Versions	Version < 4.2.2 is affected

References

https://github.com/free5gc/free5gc/security/advisories/GHSA-585v-hcgf-jhfr

Problem Types

CWE-20: Improper Input Validation CWE
CWE-209: Generation of Error Message Containing Sensitive Information CWE