CVE-2026-12386 PUBLISHED

Buffer Overflow in TUBITAK BILGEM's Pardus Pen

Assigner: TR-CERT
Reserved: 16.06.2026 Published: 05.07.2026 Updated: 05.07.2026

Improper null termination vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Pen allows Overflow Buffers.

This issue affects Pardus Pen: from <=4.1.5 before 4.2.1.

Metrics

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L
CVSS Score: 3.9

Product Status

Vendor TUBITAK BILGEM Software Technologies Research Institute
Product Pardus Pen
Versions Default: unaffected
  • affected from <=4.1.5 to 4.2.1 (excl.)

Credits

  • Muhammed KAYA finder

References

Problem Types

  • CWE-170 Improper null termination CWE

Impacts

  • CAPEC-100 Overflow Buffers