HIGHCVE-2026-2339Published 2026-03-10Modified 2026-03-27CNA TR-CERT

CVE-2026-2339: RCE in TUBITAK BILGEM's Liderahenk

Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Remote Code Inclusion, Privilege Abuse, Command Injection.This issue affects Liderahenk: before 3.5.1.

CVSS v3.1: 7.5
Severity: HIGH
Fixed in: 3.5.1
Affected Products: 1

Fix available

3.5.1

Affected packages

TUBITAK BILGEM Software Technologies Research Institute / Liderahenk
< 3.5.1 (from 0)

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

References

usom.gov.tr

Metrics

Fix available