CVE Catalog

CVE-2026-14460

HighCVSS 8.8
Published: Translated: NVD NIST

Summary

Missing authorization in TUBITAK BILGEM's pardus-software allows argument injection. The vulnerability affects versions 1.0.4 and earlier, fixed in version 1.0.5.

Risk Assessment

An attacker can exploit the missing authorization to perform unauthorized operations on the system, potentially leading to privilege escalation or arbitrary code execution.

Recommendation

Immediately update pardus-software to version 1.0.5 or later, which includes the necessary security fixes.

Original NVD description (English source)

Missing Authorization vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection. This issue affects pardus-software: from <= 1.0.4 before 1.0.5.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS