← back
CVE-2026-2339

RCE in TUBITAK BILGEM's Liderahenk

CVSS 7.5 HIGHEPSS 0.8%CWE-306
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.5EPSS 0.8%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
10 Mar 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Remote Code Inclusion, Privilege Abuse, Command Injection. This issue affects Liderahenk: before 3.5.1.
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
TUBITAK BILGEM Software Technologies Research Institute · Liderahenk

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0087https://www.usom.gov.tr/bildirim/tr-26-0087