ГлавнаяУязвимости → CVE-2026-48138
7.5высокая

CVE-2026-48138

Описание

There is an out-of-bounds read vulnerability in the NI grpc-device streaming API due to a missing bounds check that may result in a denial of service. Successful exploitation requires an attacker to supply a specially crafted write request. This affects NI grpc-device 2.17.0 and prior versions.

Затрагиваемое ПО
Ni InstrumentstudioNi Ni grpc device server
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Источники
https://github.com/ni/grpc-device/security/advisories/GHSA-8rjh-429j-f6gwhttps://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/2026/multiple-vulnerabilities-in-ni-grpc-device-server.html