CVE-2026-12386
Received
Received - Intake
Improper Null Termination in Pardus Pen Causes Buffer Overflow
Vulnerability report for CVE-2026-12386, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-07-05
Last updated on: 2026-07-05
Assigner: Computer Emergency Response Team of the Republic of Turkey
Description
Description
Improper null termination vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Pen allows Overflow Buffers.
This issue affects Pardus Pen: from <=4.1.5 before 4.2.1.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tubitak_bilgem | pardus_pen | From 4.1.5 (inc) to 4.2.1 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-170 | The product does not terminate or incorrectly terminates a string or array with a null character or equivalent terminator. |