VYPR
Vendor

Ni

Products
28
CVEs
85
Across products
108
Status
Private

Products

28

Recent CVEs

85
View all 85 CVEs →
  • CVE-2026-9051CriMay 29, 2026
    risk 0.59cvss 9.1epss 0.01

    There is an authentication bypass vulnerability in the NI SystemLink Enterprise Dashboard application that may allow an unauthenticated remote attacker to bypass authentication controls leading to privilege escalation or information disclosure.  Successful exploitation requires…

  • CVE-2024-4044HigMay 14, 2024
    risk 0.52cvss 7.8epss 0.15

    A deserialization of untrusted data vulnerability exists in common code used by FlexLogger and InstrumentStudio that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted project file. This vulnerability…

  • CVE-2026-32864HigApr 7, 2026
    risk 0.51cvss 7.8epss 0.00

    There is a memory corruption vulnerability due to an out-of-bounds read in mgcore_SH_25_3!aligned_free() in NI LabVIEW.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a…

  • CVE-2026-32863HigApr 7, 2026
    risk 0.51cvss 7.8epss 0.00

    There is a memory corruption vulnerability due to an out-of-bounds read in sentry_transaction_context_set_operation() in NI LabVIEW.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user…

  • CVE-2026-32862HigApr 7, 2026
    risk 0.51cvss 7.8epss 0.00

    There is a memory corruption vulnerability due to an out-of-bounds write in ResFileFactory::InitResourceMgr() in NI LabVIEW.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open…

  • CVE-2026-32861HigApr 7, 2026
    risk 0.51cvss 7.8epss 0.00

    There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted LVCLASS file in NI LabVIEW.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open…

  • CVE-2026-32860HigApr 7, 2026
    risk 0.51cvss 7.8epss 0.00

    There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted LVLIB file in NI LabVIEW.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a…

  • CVE-2025-10203HigSep 15, 2025
    risk 0.51cvss 7.8epss 0.00

    Relative path traversal vulnerability due to improper input validation in Digilent WaveForms that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .DWF3WORK file. This vulnerability affects Digilent…

  • CVE-2024-12742HigMar 6, 2025
    risk 0.51cvss 7.8epss 0.05

    A deserialization of untrusted data vulnerability exists in NI G Web Development Software that may result in arbitrary code execution.  Successful exploitation requires an attacker to get a user to open a specially crafted project file.  This vulnerability affects G Web…

  • CVE-2024-12741HigDec 18, 2024
    risk 0.51cvss 7.8epss 0.04

    A deserialization of untrusted data vulnerability exists in NI DAQExpress that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted project file. This vulnerability affects DAQExpress 5.1 and prior versions.…

  • CVE-2024-5602HigJul 23, 2024
    risk 0.51cvss 7.8epss 0.00

    A stack-based buffer overflow vulnerability due to a missing bounds check in the NI I/O Trace Tool may result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted nitrace file. The NI I/O Trace tool is installed…

  • CVE-2024-6675HigJul 22, 2024
    risk 0.51cvss 7.8epss 0.00

    A deserialization of untrusted data vulnerability exists in NI VeriStand that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted project file. This vulnerability affects VeriStand 2024 Q2 and prior…

  • CVE-2017-2779HigSep 5, 2017
    risk 0.49cvss 7.5epss 0.02

    An exploitable memory corruption vulnerability exists in the RSRC segment parsing functionality of LabVIEW 2017, LabVIEW 2016, LabVIEW 2015, and LabVIEW 2014. A specially crafted Virtual Instrument (VI) file can cause an attacker controlled looping condition resulting in an…

  • CVE-2017-2775HigMar 31, 2017
    risk 0.49cvss 7.5epss 0.03

    An exploitable memory corruption vulnerability exists in the LvVariantUnflatten functionality in 64-bit versions of LabVIEW before 2015 SP1 f7 Patch and 2016 before f2 Patch. A specially crafted VI file can cause a user controlled value to be used as a loop terminator resulting…

  • CVE-2026-8036HigJun 2, 2026
    risk 0.46cvss 7.1epss 0.00

    Improper input validation in NI-PAL may allow a local authenticated user to access arbitrary system memory, potentially leading to privilege escalation. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux.

  • CVE-2026-8035HigJun 2, 2026
    risk 0.46cvss 7.1epss 0.00

    Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to cause a denial of service by triggering a crash due to a NULL pointer dereference. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux.

  • CVE-2002-0748Aug 12, 2002
    risk 0.04cvss epss 0.09

    LabVIEW Web Server 5.1.1 through 6.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request that ends in two newline characters, instead of the expected carriage return/newline combinations.

  • CVE-2008-5383Dec 9, 2008
    risk 0.03cvss epss 0.05

    Stack-based buffer overflow in National Instruments Electronics Workbench allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted .ewb file.

  • CVE-2025-2449Mar 18, 2025
    risk 0.02cvss epss 0.31

    NI FlexLogger usiReg URI File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of NI FlexLogger. User interaction is required to exploit this vulnerability in that the…

  • CVE-2026-9143Jun 19, 2026
    risk 0.00cvss epss 0.00

    There is an incorrect conversion between numeric types vulnerability in NI grpc-device due to missing range checks in CodeGen.  This may silently discard high bits if a size value exceeded the target type's range. This affects NI grpc-device 2.17.0 and prior versions.