Path Traversal Vulnerability in TUBITAK Pardus Software Center
CVE-2026-5166

9.6CRITICAL

Key Information:

Vendor: Tubitak Bilgem Software Technologies Research Institute
Status: Pardus Software Center
Vendor: CVE Published:; 29 April 2026

🔔 Create Tubitak Bilgem Software Technologies Research Institute Vulnerability Alert

What is CVE-2026-5166?

A vulnerability in the TUBITAK Pardus Software Center allows attackers to exploit path traversal issues. This security flaw enables unauthorized access to files and directories outside of the intended file system path. Successful exploitation can lead to information disclosure, making it critical for users of versions prior to 1.0.3 to update and mitigate risks associated with this vulnerability.

Affected Version(s)

Pardus Software Center 1.0.2 < 1.0.3

References

https://www.usom.gov.tr/bildirim/tr-26-0131

third-party-advisory

CVSS V3.1

Score:

9.6

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 29, 2026
Vulnerability Reserved
Mar 30, 2026

Credit

Çağrı ESER

CVE-2026-5166 Data

JSON