PT-2026-35920 · Tubitak Bilgem Software Technologies Research Institute · Pardus+1

Çağrı Eser

·

Published

2026-04-29

·

Updated

2026-04-29

·

CVE-2026-5140

CVSS v3.1

8.8

High

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Improper neutralization of CRLF sequences ('CRLF injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus allows Authentication Bypass.
This issue affects Pardus: from <=0.6.4 before 0.8.0.

Fix

Weakness Enumeration

CWE-93

Related Identifiers

CVE-2026-5140

Affected Products

Pardus
Pardus Update