CVE-2026-12250
Received
Received - Intake
Invocation of Process Using Visible Sensitive Information in Pardus Domain Joiner
Vulnerability report for CVE-2026-12250, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-07-05
Last updated on: 2026-07-05
Assigner: Computer Emergency Response Team of the Republic of Turkey
Description
Description
Invocation of process using visible sensitive information vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Domain Joiner allows Excavation.
This issue affects Pardus Domain Joiner: from 0.5.2 before 0.5.4.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tubitak_bilgem | pardus_domain_joiner | From 0.5.2 (inc) to 0.5.4 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-214 | A process is invoked with sensitive command-line arguments, environment variables, or other elements that can be seen by other processes on the operating system. |