Known Vulnerabilities for products from NI
Listed below are 20 of the newest known vulnerabilities associated with the vendor "NI".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by NI can be found at device.report : NI
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-32864 json | There is a memory corruption vulnerability due to an out-of-bounds read in mgcore_SH_25_3!aligned_free() in NI LabVIEW. Thi... | Not Provided | 2026-04-07 | 2026-04-13 |
| CVE-2026-32863 json | There is a memory corruption vulnerability due to an out-of-bounds read in sentry_transaction_context_set_operation() in NI L... | Not Provided | 2026-04-07 | 2026-04-13 |
| CVE-2026-32862 json | There is a memory corruption vulnerability due to an out-of-bounds write in ResFileFactory::InitResourceMgr() in NI LabVIEW.�... | Not Provided | 2026-04-07 | 2026-04-13 |
| CVE-2026-32861 json | There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted LVCLASS file in NI LabVIEW.... | Not Provided | 2026-04-07 | 2026-04-13 |
| CVE-2026-32860 json | There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted LVLIB file in NI LabVIEW. ... | Not Provided | 2026-04-07 | 2026-04-13 |
| CVE-2026-8036 json | Improper input validation in NI-PAL may allow a local authenticated user to access arbitrary system memory, potentially leadi... | Not Provided | 2026-06-02 | 2026-06-05 |
| CVE-2026-8035 json | Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to cause a denial of service by tr... | Not Provided | 2026-06-02 | 2026-06-05 |
| CVE-2023-5136 json | An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker ... | 5.5 - MEDIUM | 2023-11-08 | 2023-11-15 |
| CVE-2023-4601 json | A stack-based buffer overflow vulnerability exists in NI System Configuration that could result in information disclosure and... | 9.8 - CRITICAL | 2023-10-18 | 2023-10-28 |
| CVE-2023-4570 json | An improper access restriction in NI MeasurementLink Python services could allow an attacker on an adjacent network to reach ... | 8.8 - HIGH | 2023-10-05 | 2023-10-12 |
| CVE-2022-42718 json | Incorrect default permissions in the installation folder for NI LabVIEW Command Line Interface (CLI) may allow an authenticat... | 7.8 - HIGH | 2022-12-01 | 2022-12-06 |
| CVE-2022-35415 json | An improper input validation in NI System Configuration Manager before 22.5 may allow a privileged user to potentially enable... | 7.8 - HIGH | 2022-09-16 | 2022-09-17 |
| CVE-2022-27237 json | There is a cross-site scripting (XSS) vulnerability in an NI Web Server component installed with several NI products. Dependi... | 6.1 - MEDIUM | 2022-04-21 | 2022-05-03 |
| CVE-2021-42563 json | There is an Unquoted Service Path in NI Service Locator (nisvcloc.exe) in versions prior to 18.0 on Windows. This may allow a... | 7.8 - HIGH | 2021-11-12 | 2021-11-16 |
| CVE-2021-38304 json | Improper input validation in the National Instruments NI-PAL driver in versions 20.0.0 and prior may allow a privileged user ... | 7.8 - HIGH | 2021-09-17 | 2021-09-28 |
| CVE-2020-25191 json | Incorrect permissions are set by default for an API entry-point of a specific service, allowing a non-authenticated user to t... | 7.5 - HIGH | 2020-12-11 | 2020-12-14 |
| CVE-2017-2779 json | An exploitable memory corruption vulnerability exists in the RSRC segment parsing functionality of LabVIEW 2017, LabVIEW 2016... | 7.8 - HIGH | 2017-09-05 | 2022-04-19 |
| CVE-2017-2775 json | An exploitable memory corruption vulnerability exists in the LvVariantUnflatten functionality in 64-bit versions of LabVIEW b... | Not Provided | 2017-03-31 | 2025-04-20 |
| CVE-2013-5026 json | An ActiveX control in lookout650.ocx, lookout660.ocx, and lookout670.ocx in National Instruments Lookout 6.5 through 6.7 allo... | Not Provided | 2013-08-06 | 2026-04-29 |
| CVE-2013-5025 json | An ActiveX control in exlauncher.dll in the Help subsystem in National Instruments LabWindows/CVI before 2013 allows remote a... | Not Provided | 2013-08-06 | 2026-04-29 |
Known software with vulnerabilities from NI
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Ni | Compactrio | - |
| Operating System | Ni | Compactrio Firmware | 20.5 |
| Application | Ni | Diadem | - |
| Application | Ni | Labview | - |
| Application | Ni | Labwindows | - |
| Application | Ni | Lookout | 6.5 |
| Application | Ni | Measurementstudio | - |
| Application | Ni | Multisim | - |
| Application | Ni | Teststand | - |