Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Delta Electronics CNCSoft-G2 contains a remote code execution vulnerability (CVE-2026-3094) that allows attackers to execute arbitrary code if a user visits a malicious website or opens a malicious file. This high-severity flaw (CVSS 7.8) requires user interaction but poses a significant risk to affected systems. Security teams should prioritize patching this vulnerability, alert users to avoid suspicious files and websites, and monitor for exploitation attempts.