ГлавнаяУязвимости → CVE-2026-48139
7.5высокая

CVE-2026-48139

Описание

There is a NULL pointer dereference vulnerability in NI grpc-device in the data moniker service that may allow an attacker to cause a denial of service by triggering a crash.  Successful exploitation requires an attacker to provide an unknown value to the data moniker service. This affects NI grpc-device 2.17.0 and prior versions.

Затрагиваемое ПО
Ni InstrumentstudioNi Ni grpc device server
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Источники
https://github.com/ni/grpc-device/security/advisories/GHSA-7vg9-5c74-289xhttps://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/2026/multiple-vulnerabilities-in-ni-grpc-device-server.html