PatchSiren cyber security CVE debrief
CVE-2026-5166 TUBITAK BILGEM Software Technologies Research Institute CVE debrief
A Path Traversal vulnerability was discovered in Pardus Software Center, affecting versions before 0.6.4. This issue allows attackers to traverse directories, potentially leading to unauthorized access and data breaches.
- Vendor: TUBITAK BILGEM Software Technologies Research Institute
- Product: Pardus Software Center
- CVSS: CRITICAL 9.6
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-04-29
- Original CVE updated: 2026-06-06
- Advisory published: 2026-04-29
- Advisory updated: 2026-06-06
Who should care
Users of Pardus Software Center, administrators of systems utilizing this software, and security teams responsible for vulnerability management.
Technical summary
The CVE-2026-5166 vulnerability is classified as a Path Traversal issue (CWE-22). It has a CVSS score of 9.6, indicating critical severity. The vulnerability allows attackers to perform directory traversal attacks, which could lead to sensitive information disclosure, code execution, or other malicious activities.
Defensive priority
High
Recommended defensive actions
- Update Pardus Software Center to version 0.6.4 or later.
- Implement additional security measures to monitor and restrict file system access.
- Review and audit system logs for suspicious activity.
Evidence notes
The CVE-2026-5166 vulnerability was published on 2026-04-29 and modified on 2026-06-06. The CVSS vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H.
Official resources
CVE-2026-5166 was published on 2026-04-29T16:16:26.673Z and modified on 2026-06-06T08:16:54.013Z.