VYPR
Vendor

Tubitak

Products
6
CVEs
9
Across products
9
Status
Private

Products

6

Recent CVEs

9
  • CVE-2026-5166CriApr 29, 2026
    risk 0.62cvss 9.6epss 0.00

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Software Center allows Path Traversal. This issue affects Pardus Software Center: before 0.6.4.

  • CVE-2026-6849HigApr 29, 2026
    risk 0.57cvss 8.8epss 0.01

    Improper neutralization of special elements used in an OS command ('OS command injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus OS My Computer allows OS Command Injection. This issue affects Pardus OS My Computer: from <=0.7.5 before…

  • CVE-2026-5161HigApr 29, 2026
    risk 0.57cvss 8.8epss 0.00

    Improper link resolution before file access ('link following') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack. This issue affects Pardus About: before 1.2.2.

  • CVE-2026-5141HigApr 29, 2026
    risk 0.57cvss 8.8epss 0.00

    Improper Privilege Management, Improper Access Control, Incorrect privilege assignment vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Software Center allows Hijacking a privileged process. This issue affects Pardus Software Center: from 1.0.2…

  • CVE-2026-5140HigApr 29, 2026
    risk 0.57cvss 8.8epss 0.00

    Improper neutralization of CRLF sequences ('CRLF injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Update allows Authentication Bypass. This issue affects Pardus Update: from 0.6.3 before 0.6.4.

  • CVE-2026-2339HigMar 10, 2026
    risk 0.49cvss 7.5epss 0.01

    Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Remote Code Inclusion, Privilege Abuse, Command Injection. This issue affects Liderahenk: before 3.5.1.

  • CVE-2025-7706MedFeb 17, 2026
    risk 0.40cvss 6.1epss 0.00

    Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Remote Code Inclusion. This issue affects Liderahenk: from 3.0.0 to 3.3.1 before 3.5.0.

  • CVE-2021-3806MedSep 18, 2021
    risk 0.35cvss 5.3epss 0.01

    A path traversal vulnerability on Pardus Software Center's "extractArchive" function could allow anyone on the same network to do a man-in-the-middle and write files on the system.

  • CVE-2024-12970LowJan 6, 2025
    risk 0.25cvss 3.9epss 0.01

    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TUBITAK BILGEM Pardus OS My Computer allows OS Command Injection. This issue affects Pardus OS My Computer: before 0.7.2.