CVE Catalog

CVE-2026-9085

HighCVSS 8.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.10%

1th percentile — higher than 1% of all known CVEs

Summary

A vulnerability in Pardus-Parental-Control (versions up to 0.5.1 before 0.7.0) is caused by incorrect permission assignment for critical resources and improper access control. This allows an attacker to perform DNS Spoofing, i.e., impersonate a DNS server and redirect network traffic.

Risk Assessment

The organization is at risk of DNS traffic interception and modification, which can lead to users being redirected to malicious websites, data theft, or malware infection.

Recommendation

Immediately update Pardus-Parental-Control to version 0.7.0 or later, which fixes this vulnerability. Before updating, consider restricting access to the vulnerable component to trusted users only.

Original NVD description (English source)

Incorrect Permission Assignment for Critical Resource, Improper Access Control vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus-Parental-Control allows DNS Spoofing. This issue affects Pardus-Parental-Control: from <=0.5.1 before 0.7.0.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS