Two High Severity Vulnerabilities Discovered in TUBITAK BILGEM Software

Two High Severity Vulnerabilities Discovered in TUBITAK BILGEM Software

First seen 5 Jul 2026, 23:50 UTC Ismalicious 83% similarity 61.5

Article Content

Browse articles
ThreatCluster

On July 5, 2026, two high-severity vulnerabilities were reported in TUBITAK BILGEM Software. CVE-2026-9085, with a CVSS score of 8.8, involves improper access control in the Pardus-Parental-Control software, allowing DNS spoofing. This affects versions from 0.5.1 to before 0.7.0. CVE-2026-12250, rated at 7.9, relates to visible sensitive information in the Pardus Domain Joiner, which could lead to data excavation, affecting versions from 0.5.2 to before 0.5.4. Active exploitation of both vulnerabilities has not been confirmed, and the EPSS scores for both are N/A%. Security professionals should be vigilant as these vulnerabilities could pose significant risks if exploited.

Key Points: • CVE-2026-9085 allows DNS spoofing in Pardus-Parental-Control software. • CVE-2026-12250 enables data excavation in Pardus Domain Joiner. • Both vulnerabilities have not confirmed active exploitation as of now.

ThreatCluster AI

Timeline

2026-07-05
CVE-2026-9085 published
A high-severity vulnerability in Pardus-Parental-Control allows DNS spoofing, affecting versions <=0.5.1 before 0.7.0.
Ismalicious
2026-07-05
CVE-2026-12250 published
A high-severity vulnerability in Pardus Domain Joiner allows data excavation, affecting versions 0.5.2 before 0.5.4.
Ismalicious

Community

Browse all →