Browse all 8 CVE security advisories affecting deltaww. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Deltaww primarily targets enterprise environments through phishing campaigns, delivering malware for data theft and espionage. Historically, it exploits RCE vulnerabilities in Microsoft Office and Adobe products, along with XSS flaws in web applications, and privilege escalation techniques to maintain persistence. The group demonstrates sophisticated tradecraft, including custom loaders and living-off-the-land tactics. Notable characteristics include its use of compromised email accounts for lateral movement and its focus on high-value targets in government and defense sectors. Deltaww has been linked to several major incidents, including the exploitation of zero-day vulnerabilities in widely used software, resulting in significant data breaches across multiple organizations.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-1951 | No checking of the length of the buffer with the directory name in AS320T — AS320TCWE-121 | 9.8 | Critical | 2026-04-24 |
| CVE-2026-1952 | Denial of service via the undocumented subfunction in AS320T — AS320TCWE-912 | 9.8 | Critical | 2026-04-24 |
| CVE-2026-1950 | No checking of the length of the buffer with the file name in AS320T — AS320TCWE-121 | 9.8 | Critical | 2026-04-24 |
| CVE-2026-1949 | Incorrect calculation of buffer size on the stack in AS320T — AS320TCWE-131 | 9.8 | Critical | 2026-04-24 |
| CVE-2026-5726 | ASDA-Soft Stack-based Buffer Overflow Vulnerability — ASDA-SoftCWE-121 | 7.8 | High | 2026-04-08 |
| CVE-2026-3631 | Buffer Over-read DoS Vulnerability in COMMGR2 — COMMGR2CWE-125 | 7.5 | High | 2026-03-09 |
| CVE-2026-3630 | Stack-based Buffer Overflow Vulnerability in COMMGR2 — COMMGR2 | 9.8 | Critical | 2026-03-09 |
| CVE-2026-3094 | File Parsing Out-Of-Bounds Write in CNCSoft-G2 — CNCSoft-G2CWE-787 | 7.8 | High | 2026-03-04 |
This page lists every published CVE security advisory associated with deltaww. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.