CVE-2026-3094

{"id": "CVE-2026-3094", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "759f5e80-c8e1-4224-bead-956d7b33c98b", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2026-03-04T09:15:58.457", "references": [{"url": "https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2026-00004_CNCSoft-G2_File%20Parsing%20Out-Of-Bounds%20Write.pdf", "tags": ["Vendor Advisory"], "source": "759f5e80-c8e1-4224-bead-956d7b33c98b"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "759f5e80-c8e1-4224-bead-956d7b33c98b", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "Delta Electronics CNCSoft-G2\u00a0lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process."}, {"lang": "es", "value": "Delta Electronics CNCSoft-G2 carece de validaci\u00f3n adecuada del archivo proporcionado por el usuario. Si un usuario abre un archivo malicioso, un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual."}], "lastModified": "2026-03-06T20:12:48.150", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:deltaww:cncsoft-g2:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12BCFE31-54C7-4A39-872D-6D44AA8BF082", "versionEndExcluding": "2.1.0.39"}], "operator": "OR"}]}], "sourceIdentifier": "759f5e80-c8e1-4224-bead-956d7b33c98b"}