Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

NI — Vulnerabilities & Security Advisories 73

Browse all 73 CVE security advisories affecting NI. AI-powered Chinese analysis, POCs, and references for each vulnerability.

NI develops hardware and software for test, measurement, and control applications, primarily serving engineering and scientific sectors. Its software ecosystem, including LabVIEW and TestStand, facilitates complex data acquisition and automated testing workflows. Historically, the platform has exhibited vulnerabilities ranging from remote code execution and buffer overflows to cross-site scripting and privilege escalation flaws. These issues often stem from legacy codebases and complex integration points within its extensive library of drivers and utilities. While no catastrophic, widespread breaches have defined its public history, the high number of recorded CVEs indicates persistent security challenges in maintaining robust defenses across diverse industrial environments. The company generally responds to disclosures through timely patches, yet the breadth of its product portfolio necessitates rigorous configuration management by users to mitigate risks associated with outdated components or misconfigured systems.

Top products by NI: LabVIEW Circuit Design Suite grpc-device VeriStand SystemLink Server FlexLogger NI-PAL MeasurementLink System Configuration TopoGrafix DataPlugin for GPX IO Trace Tool DAQExpress Vision Development Module G Web Development Software Vision Builder AI SystemLink Enterprise
CVE IDTitleCVSSSeverityPublished
CVE-2026-9143 Incorrect Conversion between Numeric Types in NI grpc-device due to missing range checks in CodeGen — grpc-deviceCWE-681 3.7 Low2026-06-19
CVE-2026-9142 Insecure Default Credentials vulnerability in NI grpc-device when TLS configuration is not present — grpc-deviceCWE-306 9.1 Critical2026-06-19
CVE-2026-48141 Memory leak in NI grpc-device BeginSidebandStream — grpc-deviceCWE-401 5.3 Medium2026-06-19
CVE-2026-48140 Unchecked enum cast vulnerability in NI grpc-device in BeginSidebandStream — grpc-deviceCWE-704 6.5 Medium2026-06-19
CVE-2026-48139 NULL pointer dereference vulnerability in NI grpc-device data moniker service — grpc-deviceCWE-476 7.5 High2026-06-19
CVE-2026-48138 Out-of-bounds read vulnerability in the NI grpc-device streaming API — grpc-deviceCWE-125 7.5 High2026-06-19
CVE-2026-48137 Untrusted pointer dereference in NI grpc-device sideband streaming API — grpc-deviceCWE-822 9.1 Critical2026-06-19
CVE-2026-8036 Local privilege escalation in NI-PAL — NI-PALCWE-1285 7.1 High2026-06-02
CVE-2026-8035 NULL pointer dereference in NI-PAL — NI-PALCWE-476 7.1 High2026-06-02
CVE-2026-9051 Authentication Bypass Vulnerability in NI SystemLink Enterprise — SystemLink EnterpriseCWE-306 9.1 Critical2026-05-29
CVE-2026-32864 Out-of-Bounds Read in mgcore_SH_25_3!aligned_free() — LabVIEWCWE-125 7.8 High2026-04-07
CVE-2026-32863 Out-of-Bounds Read in sentry_transaction_context_set_operation() — LabVIEWCWE-125 7.8 High2026-04-07
CVE-2026-32862 Out-of-Bounds Write in ResFileFactory::InitResourceMgr() — LabVIEWCWE-787 7.8 High2026-04-07
CVE-2026-32861 Out-of-Bounds Write Vulnerability in NI LabVIEW when loading lvclass file — LabVIEWCWE-787 7.8 High2026-04-07
CVE-2026-32860 Out-of-Bounds Write Vulnerability in NI LabVIEW when loading lvlib file — LabVIEWCWE-787 7.8 High2026-04-07
CVE-2025-64469 Stack-based Buffer Overflow in LVResource::DetachResource() in NI LabVIEW — LabVIEWCWE-121 7.8 High2025-12-18
CVE-2025-64468 Use-after-Free in sentry!sentry_span_set_data() in NI LabVIEW — LabVIEWCWE-416 7.8 High2025-12-18
CVE-2025-64467 Out-of-Bounds Read in LVResFile::FindRsrcListEntry() in NI LabVIEW — LabVIEWCWE-125 7.8 High2025-12-18
CVE-2025-64466 Out-of-Bounds Read in lvre!ExecPostedProcRecPost() in NI LabVIEW — LabVIEWCWE-125 7.8 High2025-12-18
CVE-2025-64465 Out-of-Bounds Read in lvre!DataSizeTDR() in NI LabVIEW — LabVIEWCWE-125 7.8 High2025-12-18
CVE-2025-64464 Out-of-Bounds Read in lvre!VisaWriteFromFile() in NI LabVIEW — LabVIEWCWE-125 7.8 High2025-12-18
CVE-2025-64463 Out-of-Bounds Read in LVResource::DetachResource() in NI LabVIEW — LabVIEWCWE-125 7.8 High2025-12-18
CVE-2025-64462 Out-of-Bounds Read in LVResFile::RGetMemFileHandle() in NI LabVIEW — LabVIEWCWE-125 7.8 High2025-12-18
CVE-2025-64461 Out of Bounds Write in mgocre_SH_25_3!RevBL() in NI LabVIEW — LabVIEWCWE-787 7.8 High2025-12-18
CVE-2025-12097 Relative Path Traversal Vulnerability in NI System Web Server — LabVIEWCWE-23 7.5 High2025-12-04
CVE-2025-6034 Out of Bounds Read in DefaultFontOptions() in NI Circuit Design Suite — Circuit Design SuiteCWE-125 7.8 High2025-09-30
CVE-2025-6033 Memory Corruption issue in XML_Serialize() in NI Circuit Design Suite — Circuit Design SuiteCWE-787 7.8 High2025-09-30
CVE-2025-7849 Memory Corruption Issue in NI LabVIEW due to improper error handling — LabVIEWCWE-1285 7.8 High2025-07-29
CVE-2025-7848 Missing input check in lvpict.cpp used in NI LabVIEW — LabVIEWCWE-1285 7.8 High2025-07-29
CVE-2025-7361 Code Injection Vulnerability in NI LabVIEW when using CIN nodes — LabVIEWCWE-94 7.8 High2025-07-29

This page lists every published CVE security advisory associated with NI. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.