Security Vulnerabilities
Out-of-bounds read issue in the media subsystem.
Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
CVSS Score
6.2
EPSS Score
0.0
Published
2026-02-06
Identity authentication bypass vulnerability in the window module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVSS Score
5.9
EPSS Score
0.0
Published
2026-02-06
UAF vulnerability in the security module.
Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-02-06
A flaw has been found in SourceCodester Gas Agency Management System 1.0. This issue affects some unknown processing of the file /gasmark/php_action/createUser.php. Executing a manipulation can lead to improper access controls. It is possible to launch the attack remotely. The exploit has been published and may be used.
CVSS Score
6.3
EPSS Score
0.0
Published
2026-02-06
A security flaw has been discovered in Free5GC up to 4.1.0. This impacts the function identityTriggerType of the file pfcp_reports.go. The manipulation results in null pointer dereference. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. Applying a patch is advised to resolve this issue.
CVSS Score
5.3
EPSS Score
0.001
Published
2026-02-06
A weakness has been identified in Free5GC up to 4.1.0. Affected is the function SessionDeletionResponse of the component SMF. This manipulation causes null pointer dereference. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks. It is suggested to install a patch to address this issue.
CVSS Score
5.3
EPSS Score
0.001
Published
2026-02-06
A vulnerability was determined in Free5GC up to 4.1.0. The impacted element is the function establishPfcpSession of the component SMF. Executing a manipulation can lead to null pointer dereference. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. It is best practice to apply a patch to resolve this issue.
CVSS Score
5.3
EPSS Score
0.001
Published
2026-02-06
A vulnerability was identified in Free5GC up to 4.1.0. This affects the function ResolveNodeIdToIp of the file internal/sbi/processor/datapath.go of the component SMF. The manipulation leads to denial of service. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. It is recommended to apply a patch to fix this issue.
CVSS Score
5.3
EPSS Score
0.001
Published
2026-02-06
In vpu_mmap of vpu_ioctl, there is a possible arbitrary address mmap due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS Score
9.3
EPSS Score
0.0
Published
2026-02-05
Tanium addressed an incorrect default permissions vulnerability in Discover.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-02-05