SMF — Vulnerabilities & Security Advisories 13

All 13 CVE vulnerabilities found in SMF, with AI-generated Chinese analysis, references, and POCs.

Vendor: SMF

CVE ID	Title	CVSS	Severity	Published
CVE-2026-26025	free5GC SMF crash (nil pointer dereference) on PFCP SessionReportRequest when ReportType.USAR=1 and UsageReport omits mandatory URRID sub-IE CWE-476	7.5	-	2026-02-24
CVE-2026-26024	free5GC SMF crash (nil pointer dereference) on PFCP SessionReportRequest when ReportType.USAR=1 and UsageReport omits mandatory URRID sub-IE CWE-476	7.5	-	2026-02-24
CVE-2026-25501	free5GC SMF crash (nil pointer dereference) on PFCP SessionReportRequest when ReportType.DLDR is set but DownlinkDataReport IE is missing CWE-476	7.5	-	2026-02-24
CVE-2026-1684	Free5GC SMF PFCP UDP Endpoint pfcp_reports.go HandleReports denial of service CWE-404	5.3	Medium	2026-01-30
CVE-2026-1683	Free5GC SMF PFCP handler.go HandlePfcpSessionReportRequest denial of service CWE-404	5.3	Medium	2026-01-30
CVE-2026-1682	Free5GC SMF PFCP UDP Endpoint handler.go HandlePfcpAssociationReleaseRequest null pointer dereference CWE-476	5.3	Medium	2026-01-30
CVE-2025-2583	SimpleMachines SMF ManageNews.php cross site scripting CWE-79	3.5	Low	2025-03-21
CVE-2025-2582	SimpleMachines SMF ManageAttachments.php cross site scripting CWE-79	3.5	Low	2025-03-21
CVE-2024-7438	SimpleMachines SMF User Alert Read Status index.php resource injection CWE-99	4.3	Medium	2024-08-03
CVE-2024-7437	SimpleMachines SMF Delete User index.php resource injection CWE-99	5.4	Medium	2024-08-03
CVE-2013-4395	Simple Machines Forum 跨站脚本漏洞	6.1	-	2020-02-12
CVE-2013-0192	Simple Machines Forum 信息泄露漏洞	4.9	-	2020-02-07
CVE-2009-5068	Simple Machines Forum 安全漏洞	7.2	-	2020-01-15

All 13 known CVE vulnerabilities affecting SMF with full Chinese analysis, references, and POCs where available.