CVE-2026-5726
CWE-121Published: April 8, 2026· Updated: Apr 13, 2026
Official Description
ASDA-Soft Stack-based Buffer Overflow Vulnerability
Technical Analysis
CVE-2026-5726 requires local access, meaning attackers must already have a foothold on the target system.
The vulnerability requires no privileges and no user interaction, making it a prime target for automated exploitation campaigns and worm-like propagation.
A successful exploit results in complete confidentiality breach (data exposure), full integrity compromise (data manipulation), availability disruption (denial of service), with a CVSS base score of 8.4.
CVSS v3.1 Vector Breakdown
Affected Vendors & Products
Exploit & PoC Resources
Official Patches & Advisories
News & Research Mentioning CVE-2026-5726
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. The following versions of Delta Electronics ASDA-Soft are affected: ASDA-Soft <=V7.2.2.0 CVSS Vendor Equipment Vulnerabilities v3 7.8 Delta Electronics Delta Electronics ASDA-Soft Stack-based Buffer Overflow Background Critical Infrastructure Sectors: Critical Manufacturing Countries/Areas Deployed: Worldwide Company Headquarters Location: Taiwan Vulnerabilities Expand All + CVE-2026-5726 A stack-based buffer overflow vulnerability is triggered in ASDA-Soft version 7.2.0.0 during the parsing of malformed .par files. View CVE Details Affected Products Delta Electronics ASDA-Soft Vendor: Delta Electronics Product Version: Delta Electronics [xlite_meta score:69 src:CISA Alerts xlite_fp:d9d80a089192c2bb4aaebad0270b7213d5d0e710e25b1dab58341d2eb85fb308]
All References (1)
Quick Facts
Known Threat Actors
Related CVEs (CWE-121)
Recommended Actions
- →Apply vendor patches immediately
- →Monitor CVE-2026-5726 in threat intel feeds
- →Review IDS/IPS signatures for exploitation attempts