VYPR

Vendor CVEs

Ni

All CVEs

85 total · sorted by risk
  • CVE-2026-9051CriMay 29, 2026
    risk 0.59cvss 9.1epss 0.01

    There is an authentication bypass vulnerability in the NI SystemLink Enterprise Dashboard application that may allow an unauthenticated remote attacker to bypass authentication controls leading to privilege escalation or information disclosure.  Successful exploitation requires…

  • CVE-2024-4044HigMay 14, 2024
    risk 0.52cvss 7.8epss 0.15

    A deserialization of untrusted data vulnerability exists in common code used by FlexLogger and InstrumentStudio that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted project file. This vulnerability…

  • CVE-2026-32864HigApr 7, 2026
    risk 0.51cvss 7.8epss 0.00

    There is a memory corruption vulnerability due to an out-of-bounds read in mgcore_SH_25_3!aligned_free() in NI LabVIEW.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a…

  • CVE-2026-32863HigApr 7, 2026
    risk 0.51cvss 7.8epss 0.00

    There is a memory corruption vulnerability due to an out-of-bounds read in sentry_transaction_context_set_operation() in NI LabVIEW.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user…

  • CVE-2026-32862HigApr 7, 2026
    risk 0.51cvss 7.8epss 0.00

    There is a memory corruption vulnerability due to an out-of-bounds write in ResFileFactory::InitResourceMgr() in NI LabVIEW.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open…

  • CVE-2026-32861HigApr 7, 2026
    risk 0.51cvss 7.8epss 0.00

    There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted LVCLASS file in NI LabVIEW.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open…

  • CVE-2026-32860HigApr 7, 2026
    risk 0.51cvss 7.8epss 0.00

    There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted LVLIB file in NI LabVIEW.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a…

  • CVE-2025-10203HigSep 15, 2025
    risk 0.51cvss 7.8epss 0.00

    Relative path traversal vulnerability due to improper input validation in Digilent WaveForms that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .DWF3WORK file. This vulnerability affects Digilent…

  • CVE-2024-12742HigMar 6, 2025
    risk 0.51cvss 7.8epss 0.05

    A deserialization of untrusted data vulnerability exists in NI G Web Development Software that may result in arbitrary code execution.  Successful exploitation requires an attacker to get a user to open a specially crafted project file.  This vulnerability affects G Web…

  • CVE-2024-12741HigDec 18, 2024
    risk 0.51cvss 7.8epss 0.04

    A deserialization of untrusted data vulnerability exists in NI DAQExpress that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted project file. This vulnerability affects DAQExpress 5.1 and prior versions.…

  • CVE-2024-5602HigJul 23, 2024
    risk 0.51cvss 7.8epss 0.00

    A stack-based buffer overflow vulnerability due to a missing bounds check in the NI I/O Trace Tool may result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted nitrace file. The NI I/O Trace tool is installed…

  • CVE-2024-6675HigJul 22, 2024
    risk 0.51cvss 7.8epss 0.00

    A deserialization of untrusted data vulnerability exists in NI VeriStand that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted project file. This vulnerability affects VeriStand 2024 Q2 and prior…

  • CVE-2017-2779HigSep 5, 2017
    risk 0.49cvss 7.5epss 0.02

    An exploitable memory corruption vulnerability exists in the RSRC segment parsing functionality of LabVIEW 2017, LabVIEW 2016, LabVIEW 2015, and LabVIEW 2014. A specially crafted Virtual Instrument (VI) file can cause an attacker controlled looping condition resulting in an…

  • CVE-2017-2775HigMar 31, 2017
    risk 0.49cvss 7.5epss 0.03

    An exploitable memory corruption vulnerability exists in the LvVariantUnflatten functionality in 64-bit versions of LabVIEW before 2015 SP1 f7 Patch and 2016 before f2 Patch. A specially crafted VI file can cause a user controlled value to be used as a loop terminator resulting…

  • CVE-2026-8036HigJun 2, 2026
    risk 0.46cvss 7.1epss 0.00

    Improper input validation in NI-PAL may allow a local authenticated user to access arbitrary system memory, potentially leading to privilege escalation. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux.

  • CVE-2026-8035HigJun 2, 2026
    risk 0.46cvss 7.1epss 0.00

    Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to cause a denial of service by triggering a crash due to a NULL pointer dereference. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux.

  • CVE-2002-0748Aug 12, 2002
    risk 0.04cvss epss 0.09

    LabVIEW Web Server 5.1.1 through 6.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request that ends in two newline characters, instead of the expected carriage return/newline combinations.

  • CVE-2008-5383Dec 9, 2008
    risk 0.03cvss epss 0.05

    Stack-based buffer overflow in National Instruments Electronics Workbench allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted .ewb file.

  • CVE-2025-2449Mar 18, 2025
    risk 0.02cvss epss 0.31

    NI FlexLogger usiReg URI File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of NI FlexLogger. User interaction is required to exploit this vulnerability in that the…

  • CVE-2026-9143Jun 19, 2026
    risk 0.00cvss epss 0.00

    There is an incorrect conversion between numeric types vulnerability in NI grpc-device due to missing range checks in CodeGen.  This may silently discard high bits if a size value exceeded the target type's range. This affects NI grpc-device 2.17.0 and prior versions.

  • CVE-2026-9142Jun 19, 2026
    risk 0.00cvss epss 0.00

    There is an insecure default credentials vulnerability in NI grpc-device when TLS configuration is not present and the server is bound beyond loopback.  This may allow an unauthenticated user access to the server on the local network.  This affects NI grpc-device 2.17.0 and…

  • CVE-2026-48141Jun 19, 2026
    risk 0.00cvss epss 0.00

    There is a memory leak in NI grpc-device BeginSidebandStream that may result in denial of service due to memory exhaustion.  This affects NI grpc-device 2.17.0 and prior versions.

  • CVE-2026-48140Jun 19, 2026
    risk 0.00cvss epss 0.00

    There is an unchecked enum cast vulnerability in NI grpc-device BeginSidebandStream that may allow an attacker to trigger invalid enum states and undefined behavior, potentially resulting in a denial of service. Successful exploitation requires an attacker to supply a specially…

  • CVE-2026-48139Jun 19, 2026
    risk 0.00cvss epss 0.00

    There is a NULL pointer dereference vulnerability in NI grpc-device in the data moniker service that may allow an attacker to cause a denial of service by triggering a crash.  Successful exploitation requires an attacker to provide an unknown value to the data moniker service.…

  • CVE-2026-48138Jun 19, 2026
    risk 0.00cvss epss 0.00

    There is an out-of-bounds read vulnerability in the NI grpc-device streaming API due to a missing bounds check that may result in a denial of service. Successful exploitation requires an attacker to supply a specially crafted write request. This affects NI grpc-device 2.17.0 and…

  • CVE-2026-48137Jun 19, 2026
    risk 0.00cvss epss 0.01

    There is an untrusted pointer dereference vulnerability in the NI grpc-device sideband streaming API that may allow an attacker to cause an arbitrary memory dereference, potentially resulting in remote code execution.  Successful exploitation requires an attacker  to supply a…

  • CVE-2025-64469Dec 18, 2025
    risk 0.00cvss epss 0.00

    There is a stack-based buffer overflow vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user…

  • CVE-2025-64468Dec 18, 2025
    risk 0.00cvss epss 0.00

    There is a use-after-free vulnerability in sentry!sentry_span_set_data() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted…

  • CVE-2025-64467Dec 18, 2025
    risk 0.00cvss epss 0.00

    There is an out of bounds read vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open…

  • CVE-2025-64466Dec 18, 2025
    risk 0.00cvss epss 0.00

    There is an out of bounds read vulnerability in NI LabVIEW in lvre!ExecPostedProcRecPost() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a…

  • CVE-2025-64465Dec 18, 2025
    risk 0.00cvss epss 0.00

    There is an out of bounds read vulnerability in NI LabVIEW in lvre!DataSizeTDR() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially…

  • CVE-2025-64464Dec 18, 2025
    risk 0.00cvss epss 0.00

    There is an out of bounds read vulnerability in NI LabVIEW in lvre!VisaWriteFromFile() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a…

  • CVE-2025-64463Dec 18, 2025
    risk 0.00cvss epss 0.00

    There is an out of bounds read vulnerability in NI LabVIEW in LVResource::DetachResource() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a…

  • CVE-2025-64462Dec 18, 2025
    risk 0.00cvss epss 0.00

    There is an out of bounds read vulnerability in NI LabVIEW in LVResFile::RGetMemFileHandle() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open…

  • CVE-2025-64461Dec 18, 2025
    risk 0.00cvss epss 0.00

    There is an out of bounds write vulnerability in NI LabVIEW in mgocre_SH_25_3!RevBL() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a…

  • CVE-2025-6034Sep 30, 2025
    risk 0.00cvss epss 0.00

    There is a memory corruption vulnerability due to an out of bounds read in DefaultFontOptions() when using SymbolEditor in NI Circuit Design Suite.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker…

  • CVE-2025-6033Sep 30, 2025
    risk 0.00cvss epss 0.00

    There is a memory corruption vulnerability due to an out of bounds write in XML_Serialize() when using SymbolEditor in NI Circuit Design Suite.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to…

  • CVE-2025-7849Jul 29, 2025
    risk 0.00cvss epss 0.00

    A memory corruption vulnerability due to improper error handling when a VILinkObj is null exists in NI LabVIEW that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI…

  • CVE-2025-7848Jul 29, 2025
    risk 0.00cvss epss 0.00

    A memory corruption vulnerability due to improper input validation in lvpict.cpp exists in NI LabVIEW that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW…

  • CVE-2025-7361Jul 29, 2025
    risk 0.00cvss epss 0.00

    A code injection vulnerability due to an improper initialization check exists in NI LabVIEW that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI using a CIN node. This vulnerability affects…

  • CVE-2025-2634Jul 23, 2025
    risk 0.00cvss epss 0.00

    Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in fontmgr may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI…

  • CVE-2025-2633Jul 23, 2025
    risk 0.00cvss epss 0.00

    Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in lvre!UDecStrToNum that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This…

  • CVE-2025-30421May 15, 2025
    risk 0.00cvss epss 0.00

    There is a memory corruption vulnerability due to a stack-based buffer overflow in DrObjectStorage::XML_Serialize() when using the SymbolEditor in NI Circuit Design Suite.  This vulnerability may result in information disclosure or arbitrary code execution. Successful…

  • CVE-2025-30420May 15, 2025
    risk 0.00cvss epss 0.00

    There is a memory corruption vulnerability due to an out of bounds read in Bitmap::InternalDraw() when using the SymbolEditor in NI Circuit Design Suite.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an…

  • CVE-2025-30419May 15, 2025
    risk 0.00cvss epss 0.00

    There is a memory corruption vulnerability due to an out of bounds read in GetSymbolBorderRectSize() when using the SymbolEditor in NI Circuit Design Suite.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an…

  • CVE-2025-30418May 15, 2025
    risk 0.00cvss epss 0.00

    There is a memory corruption vulnerability due to an out of bounds write in CheckPins() when using the SymbolEditor in NI Circuit Design Suite.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to…

  • CVE-2025-30417May 15, 2025
    risk 0.00cvss epss 0.00

    There is a memory corruption vulnerability due to an out of bounds write in Library!DecodeBase64() when using the SymbolEditor in NI Circuit Design Suite.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an…

  • CVE-2025-2632Apr 9, 2025
    risk 0.00cvss epss 0.00

    Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW reading CPU info from cache that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This…

  • CVE-2025-2631Apr 9, 2025
    risk 0.00cvss epss 0.00

    Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW in InitCPUInformation() that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This…

  • CVE-2025-2630Apr 9, 2025
    risk 0.00cvss epss 0.00

    There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to insert a malicious DLL into the uncontrolled search path. This…

Page 1 of 2