These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2026-9142 is a critical insecure default credentials vulnerability in NI grpc-device. When TLS configuration is not present and the server is bound beyond loopback, an unauthenticated user may access the server on the local network. This affects NI grpc-device versions 2.17.0 and prior. The CVSS score is 9.3, indicating a high severity. Defenders should assess their exposure and prioritize patching.
CVE-2026-48139 is a high-severity vulnerability in NI grpc-device that could allow an attacker to cause a denial of service by triggering a crash through a NULL pointer dereference in the data moniker service. This vulnerability affects NI grpc-device version 2.17.0 and prior. Defenders should assess their exposure and prioritize patching due to the high CVSS score of 8.7.
A critical authentication bypass vulnerability exists in NI SystemLink Enterprise Dashboard that allows unauthenticated remote attackers to bypass authentication controls through specially crafted HTTP requests. The vulnerability, published on May 29, 2026, affects NI SystemLink Enterprise 2026-04 and prior versions. Successful exploitation enables privilege escalation or information disclosure without re [truncated]
National Instruments LabVIEW contains an out-of-bounds read vulnerability in the lvre!VisaWriteFromFile() function that triggers when opening a corrupted VI (Virtual Instrument) file. The vulnerability, published 2025-12-18, carries a CVSS 3.1 score of 7.8 (HIGH severity). Successful exploitation requires user interaction—specifically, convincing a victim to open a maliciously crafted VI file. The impact [truncated]
CVE-2025-2633 affects National Instruments LabVIEW 2025 Q1 and prior versions. CISA’s advisory describes an improper restriction of operations within the bounds of a memory buffer that may lead to invalid memory reads, information disclosure, and arbitrary code execution. National Instruments has released patches for affected products.
An out-of-bounds read vulnerability exists in the BuildFontMap function within National Instruments LabVIEW. This vulnerability may allow an attacker to disclose sensitive information or execute arbitrary code. The issue affects multiple versions of LabVIEW, including the 2024 release up to Q3 24.3f0, all versions of LabVIEW 2023, all versions of LabVIEW 2022, and LabVIEW 2021 and earlier versions which h [truncated]
A high-severity out-of-bounds read vulnerability exists in National Instruments LabVIEW when loading the font table. This vulnerability, published on December 10, 2024, may allow an attacker to disclose information or execute arbitrary code. The vulnerability affects multiple versions of LabVIEW, including LabVIEW 2024 (up to Q3 24.3f0), LabVIEW 2023, LabVIEW 2022, and LabVIEW 2021 (EOL) and below. Nation [truncated]
An out-of-bounds read vulnerability exists in the HeapObjMapImpl function within National Instruments LabVIEW. This memory safety defect may allow an attacker to disclose sensitive information or achieve arbitrary code execution. The vulnerability affects multiple LabVIEW versions including 2024 (up to Q3 24.3f0), 2023, 2022, and end-of-life versions 2021 and below. National Instruments has released patch [truncated]