Is CVE-2026-40246 actively exploited?

CVE-2026-40246 has no public evidence of in-the-wild exploitation as of 2026-04-21.

What is the CVSS score for CVE-2026-40246?

CVE-2026-40246 has a CVSS score of 8.7 (HIGH severity). Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X.

How do I patch CVE-2026-40246?

Patch guidance is available from free5gc security advisories. CVEDatabase generates AI-assisted remediation guidance on demand for CVE-2026-40246.

Fix CVE-2026-40246 - HIGH free5gc free5gc

Description

free5GC is an open-source implementation of the 5G core network. In versions 1.4.2 and below of the UDR service, the handler for deleting Traffic Influence Subscriptions checks whether the influenceId path segment equals subs-to-notify, but does not return after sending the HTTP 404 response when validation fails. Execution continues and the subscription is deleted regardless. An unauthenticated attacker with access to the 5G Service Based Interface can delete arbitrary Traffic Influence Subscriptions by supplying any value for the influenceId path segment, while the API misleadingly returns a 404 Not Found response. A patched version was not available at the time of publication.

CVSS Metrics

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector: network
Complexity: low
Privileges: none
User Action: none
Confidentiality: undefined
Integrity: undefined
Availability: undefined
Weaknesses: CWE-285

Metadata

Primary Vendor: FREE5GC
Published: 4/16/2026
Last Modified: 4/21/2026
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

CVE-2026-40246

Description

CVSS Metrics

Metadata

Affected Products

Remediation Guidance

Executive Summary