Missing Authorization Vulnerability in TUBITAK BILGEM Software Technologies Research Institute Product
CVE-2026-14460

8.8 HIGH

What is CVE-2026-14460?

pardus-software, from the TUBITAK BILGEM Software Technologies Research Institute, contains a missing authorization vulnerability that allows argument injection. Versions up to and including 1.0.4 are affected, potentially enabling unauthorized users to manipulate arguments and cause unintended behavior in the software. Users running affected versions should upgrade to 1.0.5 or later to mitigate this risk.

Affected Version(s)

pardus-software: <= 1.0.4 (versions before 1.0.5)

CVSS V3.1

Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Kerem Kaan DASMAZ