CVE-2026-5161 HIGH

CVE-2026-5161: Improper Authentication in TUBITAK BILGEM's Pardus About

Vendor Tubitak Bilgem Software Technologies Research Institute
Product Pardus About
Weakness CWE-59
Published April 29, 2026
Last update June 6, 2026

CVSS base score

8.8/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Improper link resolution before file access ('link following') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack. This issue affects Pardus About: before 1.2.2.

Key dates

02Disclosure timeline

April 29, 2026 CVE published
June 6, 2026 Record updated