Home / Vulnerability Intelligence / CVE-2026-3630

CVE-2026-3630 - Vulnerability Analysis

CriticalCVSS: 9.8

Last Updated: March 10, 2026

Delta Electronics COMMGR2 - Buffer Overflow

Published: March 9, 2026Updated: March 10, 2026Remote Exploitable

Overview

Delta Electronics COMMGR2 contains a stack-based buffer overflow vulnerability, letting attackers potentially execute arbitrary code, exploit requires no special privileges.

Severity & Score

Severity: Critical

CVSS Score: 9.8

EPSS Score: 6.0%(Probability of exploitation in next 30 days)

Impact

Attackers can execute arbitrary code remotely, potentially leading to full system compromise.

Mitigation

Update to the latest version.

References

https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2026-00005_COMMGR%202%20Multiple%20Vulnerabilities%20(CVE-2026-3630,%20CVE-2026-3631).pdf

Social Media Activity(1 post)

BeyondMachines :verified:

@beyondmachines1

Mar 19, 2026

Critical RCE Vulnerability Patched in Delta Electronics COMMGR 2 Delta Electronics patched a critical stack-based buffer overflow (CVE-2026-3630) and an out-of-bounds read (CVE-2026-3631) in its COMMGR 2 software that could allow unauthenticated attackers to execute remote code or leak sensitive data. **Make sure all industrial devices are isolated from the internet and accessible from trusted networks only. Update Delta Electronics COMMGR 2 software to version 2.11.1 as soon as possible. In the meantime make sure they are isolated from the internet.** #cybersecurity #infosec #advisory #vulnerability https://beyondmachines.net/event_details/critical-rce-vulnerability-patched-in-delta-electronics-commgr-2-l-p-i-8-y/gD2P6Ple2L

View original post

Related Resources

Details

CVE ID: CVE-2026-3630
Severity: Critical
CVSS Score: 9.8
Type: buffer_overflow
Status: confirmed
EPSS: 6.0%
Social Posts: 1

CWE

CWE-787

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

6.0%Probability of exploitation in the next 30 days