CVE-2026-5166: Critical Path Traversal in TUBITAK Pardus Software Center
The National Vulnerability Database has disclosed CVE-2026-5166, a critical Path Traversal vulnerability impacting TUBITAK BILGEM Software Technologies Research Institute’s Pardus Software Center. This flaw, rated with a CVSS score of 9.6, allows an attacker to navigate the file system beyond intended directories.
Specifically, the vulnerability affects Pardus Software Center versions prior to 1.0.3. A successful exploit could lead to unauthorized access, modification, or deletion of sensitive files on the system, giving attackers significant control. The ‘Improper Limitation of a Pathname to a Restricted Directory’ (CWE-22) is a classic and highly dangerous class of bug.
This isn’t just about reading a config file. Path traversal often serves as a stepping stone for full system compromise, allowing attackers to write web shells, modify critical system files, or escalate privileges. Defenders running Pardus Software Center must prioritize patching to version 1.0.3 or later immediately.
What This Means For You
- If your organization utilizes TUBITAK BILGEM Pardus Software Center, you must prioritize patching to version 1.0.3 or newer immediately. This critical path traversal vulnerability (CVE-2026-5166) allows attackers to access arbitrary files, which can lead to system compromise. Verify your version and apply the update without delay.
Related ATT&CK Techniques
🛡️ Detection Rules
3 rules · 6 SIEM formats3 detection rules auto-generated for this incident, mapped to MITRE ATT&CK. Sigma YAML is free — export to any SIEM format via the Intel Bot.
CVE-2026-5166: Path Traversal in Pardus Software Center
title: CVE-2026-5166: Path Traversal in Pardus Software Center
id: scw-2026-04-29-ai-1
status: experimental
level: critical
description: |
This rule detects attempts to exploit the CVE-2026-5166 vulnerability in the TUBITAK Pardus Software Center. The vulnerability allows for path traversal by including '../' sequences in the URI query, enabling an attacker to access arbitrary files on the system. This detection focuses on the characteristic pattern of path traversal within the web request.
author: SCW Feed Engine (AI-generated)
date: 2026-04-29
references:
- https://shimiscyberworld.com/posts/nvd-CVE-2026-5166/
tags:
- attack.discovery
- attack.t1083
logsource:
category: webserver
detection:
selection:
cs-uri-query|contains:
- '../'
condition: selection
falsepositives:
- Legitimate administrative activity
Source: Shimi's Cyber World · License & reuse
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-5166 | Path Traversal | TUBITAK BILGEM Software Technologies Research Institute Pardus Software Center |
| CVE-2026-5166 | Path Traversal | Pardus Software Center versions before 1.0.3 |
| CVE-2026-5166 | Path Traversal | CWE-22 |
Written by SCW Vulnerability Desk
Source & Attribution
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | April 29, 2026 at 19:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
Believe this infringes your rights? Submit a takedown request.
Related coverage
CVE-2026-7389: EyouCMS SQL Injection Vulnerability Exposed
CVE-2026-7389 — A security vulnerability has been detected in EyouCMS up to 1.7.9. The affected element is the function GetSortData of the file application/common.php. The...
CVE-2026-7388 — A weakness has been identified in EyouCMS up to 1.7.9.
CVE-2026-7388 — A weakness has been identified in EyouCMS up to 1.7.9. Impacted is the function editFile of the file application/admin/logic/FilemanagerLogic.php of the component Template...
CVE-2026-7386: fatbobman mail-mcp-bridge Path Traversal Vulnerability
CVE-2026-7386 — A flaw has been found in fatbobman mail-mcp-bridge up to 1.3.3. Affected is an unknown function of the file src/mail_mcp_server.py. Executing a manipulation...