Every CVE whose affected-product data names Ni Instrumentstudio, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2026-9142 — CVSS 9.1 (critical): There is an insecure default credentials vulnerability in NI grpc-device when TLS configuration is not present and the server is bound…
CVE-2026-48137 — CVSS 9.1 (critical): There is an untrusted pointer dereference vulnerability in the NI grpc-device sideband streaming API that may allow an attacker to cause an…
CVE-2026-48138 — CVSS 7.5 (high): There is an out-of-bounds read vulnerability in the NI grpc-device streaming API due to a missing bounds check that may result in a denial…
CVE-2026-48139 — CVSS 7.5 (high): There is a NULL pointer dereference vulnerability in NI grpc-device in the data moniker service that may allow an attacker to cause a…
CVE-2026-48140 — CVSS 6.5 (medium): There is an unchecked enum cast vulnerability in NI grpc-device BeginSidebandStream that may allow an attacker to trigger invalid enum…
CVE-2026-48141 — CVSS 5.3 (medium): There is a memory leak in NI grpc-device BeginSidebandStream that may result in denial of service due to memory exhaustion. This affects NI…
CVE-2026-9143 — CVSS 3.7 (low): There is an incorrect conversion between numeric types vulnerability in NI grpc-device due to missing range checks in CodeGen. This may…