Skip to content
CVSS 8.8 · HIGH

CVE-2026-6849

Improper neutralization of special elements used in an OS command ('OS command injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus OS My Computer allows OS Command Injection. This issue affects Pardus OS My Computer: from <=0.7.5 before 0.8.0.

Ver en NVD

Análisis

This vulnerability affects a specific system utility within Pardus OS, which is a Linux distribution primarily developed and used for the Turkish government. As it is not a standard tool or operating system used by developers in the Mexican ecosystem, it is not relevant to the community.

Severidad

Puntaje: 8.8(HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AV: NETWORK
AC: LOW
PR: NONE
UI: REQUIRED
S: UNCHANGED
C: HIGH
I: HIGH
A: HIGH
Tipo de falla (CWE): CWE-78

EPSS

Probabilidad de explotación (próx. 30 días): 0.0012 (0.1%)
Percentil: 30.5%
EPSS: 2026-05-06

Descripción técnica

Improper neutralization of special elements used in an OS command ('OS command injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus OS My Computer allows OS Command Injection. This issue affects Pardus OS My Computer: from <=0.7.5 before 0.8.0.

Publicada: 29/4/2026, 16:16:28
Última modificación: 29/4/2026, 21:13:30

Referencias

InicioEventosBlogRecursosEquipo