Vulnerability-Lookup

CVE-2026-42459 (GCVE-0-2026-42459)

Vulnerability from cvelistv5 – Published: 2026-05-27 15:53 – Updated: 2026-05-27 15:53

Title

free5GC: Improper Input Validation and Generation of Error Message Containing Sensitive Information in github.com/free5gc/udm

Summary

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the free5GC UDM component fails to validate the supi path parameter in six GET handlers of the nudm-sdm (Subscriber Data Management) service. An unauthenticated attacker can inject control characters into the SUPI parameter, causing UDM to forward a malformed request to UDR and return a 500 Internal Server Error response that exposes internal infrastructure details. This vulnerability is fixed in 4.2.2.

Severity

7.7 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

CWE

CWE-20 - Improper Input Validation
CWE-209 - Generation of Error Message Containing Sensitive Information

Assigner

GitHub_M

References

1 reference

URL	Tags
https://github.com/free5gc/free5gc/security/advis…	x_refsource_CONFIRM

Impacted products

1 product

Vendor	Product	Version
free5gc	free5gc	Affected: < 4.2.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "product": "free5gc",
          "vendor": "free5gc",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 4.2.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the free5GC UDM component fails to validate the supi path parameter in six GET handlers of the nudm-sdm (Subscriber Data Management) service. An unauthenticated attacker can inject control characters into the SUPI parameter, causing UDM to forward a malformed request to UDR and return a 500 Internal Server Error response that exposes internal infrastructure details. This vulnerability is fixed in 4.2.2."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-209",
              "description": "CWE-209: Generation of Error Message Containing Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-27T15:53:45.452Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/free5gc/free5gc/security/advisories/GHSA-585v-hcgf-jhfr",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/free5gc/free5gc/security/advisories/GHSA-585v-hcgf-jhfr"
        }
      ],
      "source": {
        "advisory": "GHSA-585v-hcgf-jhfr",
        "discovery": "UNKNOWN"
      },
      "title": "free5GC: Improper Input Validation and Generation of Error Message Containing Sensitive Information in github.com/free5gc/udm"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-42459",
    "datePublished": "2026-05-27T15:53:45.452Z",
    "dateReserved": "2026-04-27T13:55:58.694Z",
    "dateUpdated": "2026-05-27T15:53:45.452Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-42459\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-05-27T17:16:35.593\",\"lastModified\":\"2026-05-27T17:16:35.593\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the free5GC UDM component fails to validate the supi path parameter in six GET handlers of the nudm-sdm (Subscriber Data Management) service. An unauthenticated attacker can inject control characters into the SUPI parameter, causing UDM to forward a malformed request to UDR and return a 500 Internal Server Error response that exposes internal infrastructure details. This vulnerability is fixed in 4.2.2.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":7.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"PROOF_OF_CONCEPT\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"},{\"lang\":\"en\",\"value\":\"CWE-209\"}]}],\"references\":[{\"url\":\"https://github.com/free5gc/free5gc/security/advisories/GHSA-585v-hcgf-jhfr\",\"source\":\"security-advisories@github.com\"}]}}"
  }
}

FKIE_CVE-2026-42459

Vulnerability from fkie_nvd - Published: 2026-05-27 17:16 - Updated: 2026-05-27 17:16

Severity

7.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

Summary

References

	URL	Tags
	security-advisories@github.com	https://github.com/free5gc/free5gc/security/advisories/GHSA-585v-hcgf-jhfr

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the free5GC UDM component fails to validate the supi path parameter in six GET handlers of the nudm-sdm (Subscriber Data Management) service. An unauthenticated attacker can inject control characters into the SUPI parameter, causing UDM to forward a malformed request to UDR and return a 500 Internal Server Error response that exposes internal infrastructure details. This vulnerability is fixed in 4.2.2."
    }
  ],
  "id": "CVE-2026-42459",
  "lastModified": "2026-05-27T17:16:35.593",
  "metrics": {
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 7.7,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "PROOF_OF_CONCEPT",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "NONE",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-05-27T17:16:35.593",
  "references": [
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/free5gc/free5gc/security/advisories/GHSA-585v-hcgf-jhfr"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Received",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        },
        {
          "lang": "en",
          "value": "CWE-209"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Primary"
    }
  ]
}

GHSA-585V-HCGF-JHFR

Vulnerability from github – Published: 2026-05-07 02:09 – Updated: 2026-05-07 02:09

Summary

Free5GC UDM has Improper Input Validation and Generation of Error Messages Containing Sensitive Information

Details

Summary

The free5GC UDM component fails to validate the supi path parameter in six GET handlers of the nudm-sdm (Subscriber Data Management) service. An unauthenticated attacker can inject control characters into the SUPI parameter, causing UDM to forward a malformed request to UDR and return a 500 Internal Server Error response that exposes internal infrastructure details.

Affected Package

Ecosystem: Go
Package: github.com/free5gc/udm
Affected versions: <= v1.4.2
Patched versions: none yet

Details

The following handlers in internal/sbi/api_subscriberdatamanagement.go do not call validator.IsValidSupi() before passing the supi parameter to the processor:

HandleGetSmfSelectData — GET /:supi/smf-select-data
HandleGetSupi — GET /:supi
HandleGetTraceData — GET /:supi/trace-data
HandleGetUeContextInSmfData — GET /:supi/ue-context-in-smf-data
HandleGetNssai — GET /:supi/nssai
HandleGetSmData — GET /:supi/sm-data

By contrast, HandleGetAmData in the same file correctly validates the supi parameter:

// HandleGetAmData — correctly validates (not vulnerable)
supi := c.Params.ByName("supi")
if !validator.IsValidSupi(supi) {
    c.JSON(http.StatusBadRequest, problemDetail)
    return
}

// HandleGetSmfSelectData — missing validation (vulnerable)
supi := c.Params.ByName("supi")
// ← no validator.IsValidSupi(supi) call
s.Processor().GetSmfSelectDataProcedure(c, supi, plmnID, supportedFeatures)

The malformed supi is passed to the processor which constructs a URL to forward the request to UDR. Go's net/url parser rejects the URL containing control characters and returns an error. UDM catches this error and responds with a 500 SYSTEM_FAILURE that includes the full internal UDR URL in the detail field.

This is a missed fix of CVE-2026-27642, which applied the same validator.IsValidSupi() check only to internal/sbi/api_ueauthentication.go (HandleConfirmAuth and HandleGenerateAuthData), leaving the SDM service handlers unpatched.

Proof of Concept

# Vulnerable — returns 500 with internal UDR URL exposed
curl "http://<UDM_HOST>/nudm-sdm/v2/imsi-22277%00INJECTED/smf-select-data"
curl "http://<UDM_HOST>/nudm-sdm/v2/imsi-22277%00INJECTED/nssai"
curl "http://<UDM_HOST>/nudm-sdm/v2/imsi-22277%00INJECTED/trace-data"
curl "http://<UDM_HOST>/nudm-sdm/v2/imsi-22277%00INJECTED/sm-data"

# Expected (vulnerable) response:
# HTTP 500
# {
#   "title": "System failure",
#   "status": 500,
#   "detail": "parse \"http://udr.internal:80/nudr-dr/v2/subscription-data/imsi-22277\x00INJECTED//provisioned-data/smf-selection-subscription-data\": net/url: invalid control character in URL",
#   "cause": "SYSTEM_FAILURE"
# }

# Protected endpoint (for comparison) — returns 400
curl "http://<UDM_HOST>/nudm-sdm/v2/imsi-22277%00INJECTED/am-data"
# HTTP 400
# {"title":"Malformed request syntax","status":400,"detail":"Supi is invalid","cause":"MANDATORY_IE_INCORRECT"}

Impact

An unauthenticated remote attacker can send a crafted GET request to any of the six affected endpoints to obtain:

Internal UDR hostname and port
Full internal API path structure (/nudr-dr/v2/subscription-data/...)
UDR API version
Internal service naming convention

This information can be used to facilitate further attacks against the UDR or other internal 5G core components.

Recommended Fix

Add validator.IsValidSupi() to all six affected handlers, following the pattern already used in HandleGetAmData:

supi := c.Params.ByName("supi")
if !validator.IsValidSupi(supi) {
    problemDetail := models.ProblemDetails{
        Title:  "Malformed request syntax",
        Status: http.StatusBadRequest,
        Detail: "Supi is invalid",
        Cause:  "MANDATORY_IE_INCORRECT",
    }
    c.Set(sbi.IN_PB_DETAILS_CTX_STR, http.StatusText(int(problemDetail.Status)))
    c.JSON(int(problemDetail.Status), problemDetail)
    return
}

Severity

7.7 (High)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/free5gc/udm"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.4.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-42459"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-209"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-07T02:09:58Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "## Summary\n\nThe free5GC UDM component fails to validate the `supi` path parameter in six GET handlers of the `nudm-sdm` (Subscriber Data Management) service. An unauthenticated attacker can inject control characters into the SUPI parameter, causing UDM to forward a malformed request to UDR and return a `500 Internal Server Error` response that exposes internal infrastructure details.\n\n## Affected Package\n\n- **Ecosystem**: Go\n- **Package**: `github.com/free5gc/udm`\n- **Affected versions**: `\u003c= v1.4.2`\n- **Patched versions**: none yet\n\n## Details\n\nThe following handlers in `internal/sbi/api_subscriberdatamanagement.go` do not call `validator.IsValidSupi()` before passing the `supi` parameter to the processor:\n\n- `HandleGetSmfSelectData` \u2014 `GET /:supi/smf-select-data`\n- `HandleGetSupi` \u2014 `GET /:supi`\n- `HandleGetTraceData` \u2014 `GET /:supi/trace-data`\n- `HandleGetUeContextInSmfData` \u2014 `GET /:supi/ue-context-in-smf-data`\n- `HandleGetNssai` \u2014 `GET /:supi/nssai`\n- `HandleGetSmData` \u2014 `GET /:supi/sm-data`\n\nBy contrast, `HandleGetAmData` in the same file correctly validates the `supi` parameter:\n\n```go\n// HandleGetAmData \u2014 correctly validates (not vulnerable)\nsupi := c.Params.ByName(\"supi\")\nif !validator.IsValidSupi(supi) {\n    c.JSON(http.StatusBadRequest, problemDetail)\n    return\n}\n\n// HandleGetSmfSelectData \u2014 missing validation (vulnerable)\nsupi := c.Params.ByName(\"supi\")\n// \u2190 no validator.IsValidSupi(supi) call\ns.Processor().GetSmfSelectDataProcedure(c, supi, plmnID, supportedFeatures)\n```\n\nThe malformed `supi` is passed to the processor which constructs a URL to forward the request to UDR. Go\u0027s `net/url` parser rejects the URL containing control characters and returns an error. UDM catches this error and responds with a `500 SYSTEM_FAILURE` that includes the full internal UDR URL in the `detail` field.\n\n**This is a missed fix of CVE-2026-27642**, which applied the same `validator.IsValidSupi()` check only to `internal/sbi/api_ueauthentication.go` (`HandleConfirmAuth` and `HandleGenerateAuthData`), leaving the SDM service handlers unpatched.\n\n## Proof of Concept\n\n```bash\n# Vulnerable \u2014 returns 500 with internal UDR URL exposed\ncurl \"http://\u003cUDM_HOST\u003e/nudm-sdm/v2/imsi-22277%00INJECTED/smf-select-data\"\ncurl \"http://\u003cUDM_HOST\u003e/nudm-sdm/v2/imsi-22277%00INJECTED/nssai\"\ncurl \"http://\u003cUDM_HOST\u003e/nudm-sdm/v2/imsi-22277%00INJECTED/trace-data\"\ncurl \"http://\u003cUDM_HOST\u003e/nudm-sdm/v2/imsi-22277%00INJECTED/sm-data\"\n\n# Expected (vulnerable) response:\n# HTTP 500\n# {\n#   \"title\": \"System failure\",\n#   \"status\": 500,\n#   \"detail\": \"parse \\\"http://udr.internal:80/nudr-dr/v2/subscription-data/imsi-22277\\x00INJECTED//provisioned-data/smf-selection-subscription-data\\\": net/url: invalid control character in URL\",\n#   \"cause\": \"SYSTEM_FAILURE\"\n# }\n\n# Protected endpoint (for comparison) \u2014 returns 400\ncurl \"http://\u003cUDM_HOST\u003e/nudm-sdm/v2/imsi-22277%00INJECTED/am-data\"\n# HTTP 400\n# {\"title\":\"Malformed request syntax\",\"status\":400,\"detail\":\"Supi is invalid\",\"cause\":\"MANDATORY_IE_INCORRECT\"}\n```\n\n## Impact\n\nAn unauthenticated remote attacker can send a crafted GET request to any of the six affected endpoints to obtain:\n\n1. Internal UDR hostname and port\n2. Full internal API path structure (`/nudr-dr/v2/subscription-data/...`)\n3. UDR API version\n4. Internal service naming convention\n\nThis information can be used to facilitate further attacks against the UDR or other internal 5G core components.\n\n## Recommended Fix\n\nAdd `validator.IsValidSupi()` to all six affected handlers, following the pattern already used in `HandleGetAmData`:\n\n```go\nsupi := c.Params.ByName(\"supi\")\nif !validator.IsValidSupi(supi) {\n    problemDetail := models.ProblemDetails{\n        Title:  \"Malformed request syntax\",\n        Status: http.StatusBadRequest,\n        Detail: \"Supi is invalid\",\n        Cause:  \"MANDATORY_IE_INCORRECT\",\n    }\n    c.Set(sbi.IN_PB_DETAILS_CTX_STR, http.StatusText(int(problemDetail.Status)))\n    c.JSON(int(problemDetail.Status), problemDetail)\n    return\n}\n```",
  "id": "GHSA-585v-hcgf-jhfr",
  "modified": "2026-05-07T02:09:58Z",
  "published": "2026-05-07T02:09:58Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/free5gc/free5gc/security/advisories/GHSA-585v-hcgf-jhfr"
    },
    {
      "type": "WEB",
      "url": "https://github.com/free5gc/free5gc/security/advisories/GHSA-h4wg-rp7m-8xx4"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/free5gc/free5gc"
    },
    {
      "type": "WEB",
      "url": "https://github.com/free5gc/udm/blob/v1.4.3/internal/sbi/api_subscriberdatamanagement.go"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Free5GC UDM has Improper Input Validation and Generation of Error Messages Containing Sensitive Information"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-42459 (GCVE-0-2026-42459)

FKIE_CVE-2026-42459

GHSA-585V-HCGF-JHFR

Summary

Affected Package

Details

Proof of Concept

Impact

Recommended Fix

Tags

Sightings

Nomenclature