Deserialization of Untrusted Data Vulnerability in Delta's DTMSoft Product
CVE-2026-12578

8.4HIGH

Key Information:

Vendor: Deltaww
Status: Dtmsoft
Vendor: CVE Published:; 30 June 2026

What is CVE-2026-12578?

The DTMSoft product from Delta exhibits a vulnerability resulting from the deserialization of untrusted data. This flaw could potentially enable an attacker to execute arbitrary code within the vulnerable application, leading to significant security risks and unauthorized access to sensitive information. Users of this software should take immediate action to mitigate any potential exploits stemming from this issue.

Affected Version(s)

DTMSoft *

References

https://filecenter.deltaww.com/news/download/doc/Delta-PC...

CVSS V4

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 30, 2026
Vulnerability Reserved
Jun 18, 2026

Credit

CISA

kimiya working with Trend Micro Zero Day Initiative

CVE-2026-12578 Data

JSON

Deltaww

What is CVE-2026-12578?

Affected Version(s)

References

CVSS V4

Timeline

Credit