NI 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
過去の問題は主に パス処理の欠陥 and vendor risk cross-site scripting などに関し、一部は ファイル上書き を招き、vendor surface software deployment and vendor surface production workloads 関連の場面に影響します。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2026-8036 | Improper input validation in NI-PAL may allow a local authenticated user to access arbitrary system memory, potentially leading to privilege escalation. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux. | [email protected] | 8.4 | 0.11% | 2026-06-02 | 2026-06-05 |
| CVE-2026-8035 | Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to cause a denial of service by triggering a crash due to a NULL pointer dereference. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux. | [email protected] | 6.9 | 0.10% | 2026-06-02 | 2026-06-05 |
| CVE-2026-32864 | There is a memory corruption vulnerability due to an out-of-bounds read in mgcore_SH_25_3!aligned_free() in NI LabVIEW. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI file. This vulnerability affects NI LabVIEW 2026 Q1 (26.1.0) and prior versions. | [email protected] | 8.5 | 0.14% | 2026-04-07 | 2026-04-13 |
| CVE-2026-32863 | There is a memory corruption vulnerability due to an out-of-bounds read in sentry_transaction_context_set_operation() in NI LabVIEW. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI file. This vulnerability affects NI LabVIEW 2026 Q1 (26.1.0) and prior versions. | [email protected] | 8.5 | 0.19% | 2026-04-07 | 2026-04-13 |
| CVE-2026-32862 | There is a memory corruption vulnerability due to an out-of-bounds write in ResFileFactory::InitResourceMgr() in NI LabVIEW. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI file. This vulnerability affects NI LabVIEW 2026 Q1 (26.1.0) and prior versions. | [email protected] | 8.5 | 0.15% | 2026-04-07 | 2026-04-13 |
| CVE-2026-32861 | There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted LVCLASS file in NI LabVIEW. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .lvclass file. This vulnerability affects NI LabVIEW 2026 Q1 (26.1.0) and prior versions. | [email protected] | 8.5 | 0.22% | 2026-04-07 | 2026-04-13 |
| CVE-2026-32860 | There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted LVLIB file in NI LabVIEW. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .lvlib file. This vulnerability affects NI LabVIEW 2026 Q1 (26.1.0) and prior versions. | [email protected] | 8.5 | 0.22% | 2026-04-07 | 2026-04-13 |
| CVE-2026-0957 | There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted file in Digilent DASYLab. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted file. This vulnerability affects all versions of Digilent DASYLab. | [email protected] | 8.5 | 0.23% | 2026-03-13 | 2026-03-19 |
| CVE-2026-0956 | There is a memory corruption vulnerability due to an out-of-bounds read when loading a corrupted file in Digilent DASYLab. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted file. This vulnerability affects all versions of Digilent DASYLab. | [email protected] | 8.5 | 0.23% | 2026-03-13 | 2026-03-19 |
| CVE-2026-0955 | There is a memory corruption vulnerability due to an out-of-bounds read when loading a corrupted file in Digilent DASYLab. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted file. This vulnerability affects all versions of Digilent DASYLab. | [email protected] | 8.5 | 0.20% | 2026-03-13 | 2026-03-19 |
| CVE-2026-0954 | There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted DSB file in Digilent DASYLab. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .DSB file. This vulnerability affects all versions of Digilent DASYLab. | [email protected] | 8.5 | 0.20% | 2026-03-13 | 2026-03-19 |
| CVE-2025-64469 | There is a stack-based buffer overflow vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions. | [email protected] | 8.5 | 0.13% | 2025-12-18 | 2025-12-24 |
| CVE-2025-64468 | There is a use-after-free vulnerability in sentry!sentry_span_set_data() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions | [email protected] | 8.5 | 0.13% | 2025-12-18 | 2025-12-24 |
| CVE-2025-64467 | There is an out of bounds read vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions. | [email protected] | 8.5 | 0.13% | 2025-12-18 | 2025-12-24 |
| CVE-2025-64466 | There is an out of bounds read vulnerability in NI LabVIEW in lvre!ExecPostedProcRecPost() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions. | [email protected] | 8.5 | 0.14% | 2025-12-18 | 2025-12-24 |
| CVE-2025-64465 | There is an out of bounds read vulnerability in NI LabVIEW in lvre!DataSizeTDR() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions. | [email protected] | 8.5 | 0.13% | 2025-12-18 | 2025-12-24 |
| CVE-2025-64464 | There is an out of bounds read vulnerability in NI LabVIEW in lvre!VisaWriteFromFile() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions. | [email protected] | 8.5 | 0.13% | 2025-12-18 | 2025-12-24 |
| CVE-2025-64463 | There is an out of bounds read vulnerability in NI LabVIEW in LVResource::DetachResource() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions. | [email protected] | 8.5 | 0.14% | 2025-12-18 | 2025-12-24 |
| CVE-2025-64462 | There is an out of bounds read vulnerability in NI LabVIEW in LVResFile::RGetMemFileHandle() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions. | [email protected] | 8.5 | 0.14% | 2025-12-18 | 2025-12-24 |
| CVE-2025-64461 | There is an out of bounds write vulnerability in NI LabVIEW in mgocre_SH_25_3!RevBL() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions. | [email protected] | 8.5 | 0.14% | 2025-12-18 | 2025-12-24 |