CVE-2026-14459
HighCVSS 8.8Summary
An argument injection vulnerability in TUBITAK BILGEM's pardus-software allows attackers to inject additional arguments into commands. The issue affects versions up to and including 1.0.4 and is fixed in version 1.0.5.
Risk Assessment
An attacker can inject extra arguments into system commands, potentially leading to unauthorized code execution or privilege escalation.
Recommendation
Immediately update pardus-software to version 1.0.5 or later, which includes the fix for this vulnerability.
Original NVD description (English source)
Improper neutralization of argument delimiters in a command ('argument injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection. This issue affects pardus-software: from <= 1.0.4 before 1.0.5.

