Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Pardus Pen by TUBITAK BILGEM Software Technologies Research Institute

    CVE-2026-12386 (GCVE-0-2026-12386)

    Vulnerability from nvd – Published: 2026-07-05 14:31 – Updated: 2026-07-06 13:25
    VLAI
    Title
    Buffer Overflow in TUBITAK BILGEM's Pardus Pen
    Summary
    Improper null termination vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Pen allows Overflow Buffers. This issue affects Pardus Pen: from <=4.1.5 before 4.2.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-170 - Improper null termination
    Assigner
    References
    Impacted products
    Date Public
    2026-07-05 14:28
    Credits
    Muhammed KAYA
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-12386",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-06T13:25:21.649209Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-06T13:25:28.190Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Pardus Pen",
              "vendor": "TUBITAK BILGEM Software Technologies Research Institute",
              "versions": [
                {
                  "lessThan": "4.2.1",
                  "status": "affected",
                  "version": "\u003c=4.1.5",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Muhammed KAYA"
            }
          ],
          "datePublic": "2026-07-05T14:28:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper null termination vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Pen allows Overflow Buffers.\u003cp\u003eThis issue affects Pardus Pen: from \u0026lt;=4.1.5 before 4.2.1.\u003c/p\u003e"
                }
              ],
              "value": "Improper null termination vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Pen allows Overflow Buffers.\n\nThis issue affects Pardus Pen: from \u003c=4.1.5 before 4.2.1."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-100",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-100 Overflow Buffers"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 3.9,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-170",
                  "description": "CWE-170 Improper null termination",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-05T14:31:47.467Z",
            "orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
            "shortName": "TR-CERT"
          },
          "references": [
            {
              "tags": [
                "government-resource"
              ],
              "url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0499"
            }
          ],
          "source": {
            "advisory": "TR-26-0499",
            "defect": [
              "TR-26-0499"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Buffer Overflow in TUBITAK BILGEM\u0027s Pardus Pen",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
        "assignerShortName": "TR-CERT",
        "cveId": "CVE-2026-12386",
        "datePublished": "2026-07-05T14:31:47.467Z",
        "dateReserved": "2026-06-16T11:12:47.226Z",
        "dateUpdated": "2026-07-06T13:25:28.190Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-12386 (GCVE-0-2026-12386)

    Vulnerability from cvelistv5 – Published: 2026-07-05 14:31 – Updated: 2026-07-06 13:25
    VLAI
    Title
    Buffer Overflow in TUBITAK BILGEM's Pardus Pen
    Summary
    Improper null termination vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Pen allows Overflow Buffers. This issue affects Pardus Pen: from <=4.1.5 before 4.2.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-170 - Improper null termination
    Assigner
    References
    Impacted products
    Date Public
    2026-07-05 14:28
    Credits
    Muhammed KAYA
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-12386",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-06T13:25:21.649209Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-06T13:25:28.190Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Pardus Pen",
              "vendor": "TUBITAK BILGEM Software Technologies Research Institute",
              "versions": [
                {
                  "lessThan": "4.2.1",
                  "status": "affected",
                  "version": "\u003c=4.1.5",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Muhammed KAYA"
            }
          ],
          "datePublic": "2026-07-05T14:28:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper null termination vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Pen allows Overflow Buffers.\u003cp\u003eThis issue affects Pardus Pen: from \u0026lt;=4.1.5 before 4.2.1.\u003c/p\u003e"
                }
              ],
              "value": "Improper null termination vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Pen allows Overflow Buffers.\n\nThis issue affects Pardus Pen: from \u003c=4.1.5 before 4.2.1."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-100",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-100 Overflow Buffers"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 3.9,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-170",
                  "description": "CWE-170 Improper null termination",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-05T14:31:47.467Z",
            "orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
            "shortName": "TR-CERT"
          },
          "references": [
            {
              "tags": [
                "government-resource"
              ],
              "url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0499"
            }
          ],
          "source": {
            "advisory": "TR-26-0499",
            "defect": [
              "TR-26-0499"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Buffer Overflow in TUBITAK BILGEM\u0027s Pardus Pen",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
        "assignerShortName": "TR-CERT",
        "cveId": "CVE-2026-12386",
        "datePublished": "2026-07-05T14:31:47.467Z",
        "dateReserved": "2026-06-16T11:12:47.226Z",
        "dateUpdated": "2026-07-06T13:25:28.190Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }