Skip to main content

Pardus Parental Control

1 CVEs product

Monthly

CVE-2026-9085 HIGH PATCH This Week

Local privilege abuse in TUBITAK BILGEM Pardus-Parental-Control (versions up to and including 0.5.1, fixed in 0.7.0) lets a low-privileged local user exploit insecure file/resource permissions to tamper with the tool's DNS configuration and perform DNS spoofing. Because the CVSS scope is changed (S:C), the impact reaches beyond the application to system-wide name resolution, enabling redirection of traffic, bypass of parental filtering, and interception of connections. There is no public exploit identified at time of analysis, but the reachable local vector and low complexity make this a practical concern on shared or managed Pardus endpoints.

Information Disclosure Pardus Parental Control
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Local privilege abuse in TUBITAK BILGEM Pardus-Parental-Control (versions up to and including 0.5.1, fixed in 0.7.0) lets a low-privileged local user exploit insecure file/resource permissions to tamper with the tool's DNS configuration and perform DNS spoofing. Because the CVSS scope is changed (S:C), the impact reaches beyond the application to system-wide name resolution, enabling redirection of traffic, bypass of parental filtering, and interception of connections. There is no public exploit identified at time of analysis, but the reachable local vector and low complexity make this a practical concern on shared or managed Pardus endpoints.

Information Disclosure Pardus Parental Control
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy