{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-2525","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2026-02-15T08:45:10.248Z","datePublished":"2026-02-16T01:02:06.733Z","dateUpdated":"2026-02-23T10:03:24.272Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2026-02-23T10:03:24.272Z"},"title":"Free5GC PFCP UDP Endpoint denial of service","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-404","lang":"en","description":"Denial of Service"}]}],"affected":[{"vendor":"n/a","product":"Free5GC","versions":[{"version":"4.0","status":"affected"},{"version":"4.1.0","status":"affected"}],"cpes":["cpe:2.3:a:free5gc:free5gc:*:*:*:*:*:*:*:*"],"modules":["PFCP UDP Endpoint"]}],"descriptions":[{"lang":"en","value":"A vulnerability has been found in Free5GC up to 4.1.0. This affects an unknown function of the component PFCP UDP Endpoint. Such manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":6.9,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P","baseSeverity":"MEDIUM"}},{"cvssV3_1":{"version":"3.1","baseScore":5.3,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R","baseSeverity":"MEDIUM"}},{"cvssV3_0":{"version":"3.0","baseScore":5.3,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R","baseSeverity":"MEDIUM"}},{"cvssV2_0":{"version":"2.0","baseScore":5,"vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:ND/RC:UR"}}],"timeline":[{"time":"2026-02-15T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2026-02-15T01:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2026-02-20T06:06:44.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"ZiyuLin (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.346113","name":"VDB-346113 | Free5GC PFCP UDP Endpoint denial of service","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.346113","name":"VDB-346113 | CTI Indicators (IOB, IOC, TTP)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.739509","name":"Submit #739509 | free5gc UPF v4.1.0 Denial of Service","tags":["third-party-advisory"]},{"url":"https://github.com/free5gc/free5gc/issues/796","tags":["issue-tracking"]},{"url":"https://github.com/free5gc/free5gc/issues/796#issue-3812169865","tags":["exploit","issue-tracking"]},{"url":"https://github.com/free5gc/free5gc/","tags":["product"]}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-02-17T17:16:12.116371Z","id":"CVE-2026-2525","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-02-17T17:16:19.988Z"}}]}}