CVE-2026-5140

Summary

Improper neutralization of CRLF sequences ('CRLF injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Update allows Authentication Bypass.

This issue affects Pardus Update: from 0.6.3 before 0.6.4.

Affected Software

VendorProductVersion RangeStatus
TUBITAK BILGEM Software Technologies Research InstitutePardus Update0.6.3 < 0.6.4affected

Weaknesses

  • CWE-93: CWE-93 Improper neutralization of CRLF sequences ('CRLF injection')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References