CVE Catalog

CVE-2026-14459

HighCVSS 8.8
Published: Translated: NVD NIST

Summary

An argument injection vulnerability in TUBITAK BILGEM's pardus-software allows attackers to inject additional arguments into commands. The issue affects versions up to and including 1.0.4 and is fixed in version 1.0.5.

Risk Assessment

An attacker can inject extra arguments into system commands, potentially leading to unauthorized code execution or privilege escalation.

Recommendation

Immediately update pardus-software to version 1.0.5 or later, which includes the fix for this vulnerability.

Original NVD description (English source)

Improper neutralization of argument delimiters in a command ('argument injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection. This issue affects pardus-software: from <= 1.0.4 before 1.0.5.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS