Back to overview

CVE-2026-9085

HIGH
8.8
CVSS 3.1
Description
Incorrect Permission Assignment for Critical Resource, Improper Access Control vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus-Parental-Control allows DNS Spoofing. This issue affects Pardus-Parental-Control: from <=0.5.1 before 0.7.0.

Metadata

CVE ID
CVE-2026-9085
State
PUBLISHED
Assigner
TR-CERT
Reserved
2026-05-20 14:26 UTC
Published
2026-07-05 14:38 UTC
Last updated
2026-07-06 13:24 UTC
Primary CWE
CWE-732
CWE-732 Incorrect Permission Assignment for Critical Resourc…
Vendor / Product
TUBITAK BILGEM Software Technologies Research Institute / Pardus-Parental-Control
Sources
cve.org  ·  NVD

Severity & Metrics

8.8 HIGH CVSS 3.1
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
SSVC — CISA Coordinator
Exploitation
none
Automatable
no
Tech. Impact
total
Affected products (1)
VendorProductPlatformVersions
TUBITAK BILGEM Software Technologies Research Institute Pardus-Parental-Control <=0.5.1 < 0.7.0
Weakness (CWE)
CWESourceDescription
CWE-284 cna CWE-284 Improper Access Control
CWE-732 cna CWE-732 Incorrect Permission Assignment for Critical Resource
CVSS scores (1)
ScoreSeverityVersionSourceVector
8.8 HIGH 3.1 cna CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Back to overview