CVE-2026-2339
HIGHSeverity by source
AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Remote Code Inclusion, Privilege Abuse, Command Injection.This issue affects Liderahenk: before v3.4.0.
AnalysisAI
TUBITAK BILGEM Software Technologies Research Institute Liderahenk is affected by missing authentication for critical function (CVSS 7.5).
Technical ContextAI
This vulnerability (CWE-306: Missing Authentication for Critical Function) affects TUBITAK BILGEM Software Technologies Research Institute Liderahenk. Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Remote Code Inclusion, Privilege Abuse, Command Injection.This issue affects Liderahenk: before v3.4.0.
Affected ProductsAI
Product: TUBITAK BILGEM Software Technologies Research Institute Liderahenk.
RemediationAI
Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.
Same technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today