Ismalicious
Two High Severity Vulnerabilities Discovered in TUBITAK BILGEM Software
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
On July 5, 2026, two high-severity vulnerabilities were reported in TUBITAK BILGEM Software. CVE-2026-9085, with a CVSS score of 8.8, involves improper access control in the Pardus-Parental-Control software, allowing DNS spoofing. This affects versions from 0.5.1 to before 0.7.0. CVE-2026-12250, rated at 7.9, relates to visible sensitive information in the Pardus Domain Joiner, which could lead to data excavation, affecting versions from 0.5.2 to before 0.5.4. Active exploitation of both vulnerabilities has not been confirmed, and the EPSS scores for both are N/A%. Security professionals should be vigilant as these vulnerabilities could pose significant risks if exploited.
Key Points: • CVE-2026-9085 allows DNS spoofing in Pardus-Parental-Control software. • CVE-2026-12250 enables data excavation in Pardus Domain Joiner. • Both vulnerabilities have not confirmed active exploitation as of now.