Skip to main content

Dtmsoft

1 CVEs product

Monthly

CVE-2026-12578 HIGH CISA Act Now

Arbitrary code execution in Delta Electronics DTMSoft arises from unsafe deserialization of untrusted data during project file parsing (CWE-502), allowing an attacker who supplies a malicious DTMSoft project file to run code in the context of the user who opens it. The flaw is local and requires victim interaction (opening the crafted file) rather than remote network exploitation, and impacts confidentiality, integrity, and availability fully. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV; no EPSS score was supplied.

Deserialization RCE Dtmsoft
NVD
CVSS 4.0
8.4
EPSS
0.4%
EPSS 0% CVSS 8.4
HIGH Act Now

Arbitrary code execution in Delta Electronics DTMSoft arises from unsafe deserialization of untrusted data during project file parsing (CWE-502), allowing an attacker who supplies a malicious DTMSoft project file to run code in the context of the user who opens it. The flaw is local and requires victim interaction (opening the crafted file) rather than remote network exploitation, and impacts confidentiality, integrity, and availability fully. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV; no EPSS score was supplied.

Deserialization RCE Dtmsoft
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy