Missing Authentication Vulnerability in TUBITAK Liderahenk Software
CVE-2026-2339

7.5HIGH

Key Information:

Vendor: Tubitak Bilgem Software Technologies Research Institute
Status: Liderahenk
Vendor: CVE Published:; 10 March 2026

🔔 Create Tubitak Bilgem Software Technologies Research Institute Vulnerability Alert

What is CVE-2026-2339?

A significant vulnerability exists in TUBITAK's Liderahenk software prior to version 3.4.0 due to missing authentication for critical functions. This weakness allows unauthorized users to exploit the system, gaining the ability to execute arbitrary commands and potentially escalating privileges. Such vulnerabilities can enable attackers to manipulate system operations and access sensitive information, making it crucial for users to update to the latest version to mitigate potential threats.

Affected Version(s)

Liderahenk 0 < 3.5.1

References

https://www.usom.gov.tr/bildirim/tr-26-0087

third-party-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 10, 2026
Vulnerability Reserved
Feb 11, 2026

Credit

Edip ALHAZOURİ

CVE-2026-2339 Data

JSON