Search criteria
2 vulnerabilities found for Pardus About by TUBITAK BILGEM Software Technologies Research Institute
CVE-2026-5161 (GCVE-0-2026-5161)
Vulnerability from nvd – Published: 2026-04-29 14:27 – Updated: 2026-05-04 13:20
VLAI
Title
Improper Authentication in TUBITAK BILGEM's Pardus About
Summary
Improper link resolution before file access ('link following') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack.
This issue affects Pardus About: before 1.2.2.
Severity
8.8 (High)
CWE
- CWE-59 - Improper link resolution before file access ('link following')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.usom.gov.tr/bildirim/tr-26-0131 | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| TUBITAK BILGEM Software Technologies Research Institute | Pardus About |
Affected:
0 , < 1.2.2
(custom)
|
Date Public
2026-04-29 14:20
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-5161",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-29T14:47:02.370924Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-29T14:53:02.143Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Pardus About",
"vendor": "TUBITAK BILGEM Software Technologies Research Institute",
"versions": [
{
"lessThan": "1.2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "\u00c7a\u011fr\u0131 ESER"
}
],
"datePublic": "2026-04-29T14:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper link resolution before file access (\u0027link following\u0027) vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack.\u003cp\u003eThis issue affects Pardus About: before 1.2.2.\u003c/p\u003e"
}
],
"value": "Improper link resolution before file access (\u0027link following\u0027) vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack.\n\nThis issue affects Pardus About: before 1.2.2."
}
],
"impacts": [
{
"capecId": "CAPEC-132",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-132 Symlink Attack"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper link resolution before file access (\u0027link following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-04T13:20:54.929Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.usom.gov.tr/bildirim/tr-26-0131"
}
],
"source": {
"advisory": "TR-26-0131",
"defect": [
"TR-26-0131"
],
"discovery": "UNKNOWN"
},
"title": "Improper Authentication in TUBITAK BILGEM\u0027s Pardus About",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2026-5161",
"datePublished": "2026-04-29T14:27:21.690Z",
"dateReserved": "2026-03-30T14:30:28.693Z",
"dateUpdated": "2026-05-04T13:20:54.929Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-5161 (GCVE-0-2026-5161)
Vulnerability from cvelistv5 – Published: 2026-04-29 14:27 – Updated: 2026-05-04 13:20
VLAI
Title
Improper Authentication in TUBITAK BILGEM's Pardus About
Summary
Improper link resolution before file access ('link following') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack.
This issue affects Pardus About: before 1.2.2.
Severity
8.8 (High)
CWE
- CWE-59 - Improper link resolution before file access ('link following')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.usom.gov.tr/bildirim/tr-26-0131 | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| TUBITAK BILGEM Software Technologies Research Institute | Pardus About |
Affected:
0 , < 1.2.2
(custom)
|
Date Public
2026-04-29 14:20
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-5161",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-29T14:47:02.370924Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-29T14:53:02.143Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Pardus About",
"vendor": "TUBITAK BILGEM Software Technologies Research Institute",
"versions": [
{
"lessThan": "1.2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "\u00c7a\u011fr\u0131 ESER"
}
],
"datePublic": "2026-04-29T14:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper link resolution before file access (\u0027link following\u0027) vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack.\u003cp\u003eThis issue affects Pardus About: before 1.2.2.\u003c/p\u003e"
}
],
"value": "Improper link resolution before file access (\u0027link following\u0027) vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack.\n\nThis issue affects Pardus About: before 1.2.2."
}
],
"impacts": [
{
"capecId": "CAPEC-132",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-132 Symlink Attack"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper link resolution before file access (\u0027link following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-04T13:20:54.929Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.usom.gov.tr/bildirim/tr-26-0131"
}
],
"source": {
"advisory": "TR-26-0131",
"defect": [
"TR-26-0131"
],
"discovery": "UNKNOWN"
},
"title": "Improper Authentication in TUBITAK BILGEM\u0027s Pardus About",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2026-5161",
"datePublished": "2026-04-29T14:27:21.690Z",
"dateReserved": "2026-03-30T14:30:28.693Z",
"dateUpdated": "2026-05-04T13:20:54.929Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}