CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-48137

There is an untrusted pointer dereference vulnerability in the NI grpc-device sideband streaming API that may allow an attacker to cause an arbitrary memory dereference, potentially resulting in remote code execution. Successful exploitation requires an attacker to supply a specially crafted Moniker protobuf message. This affects NI grpc-device 2.17.0 and prior versions.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 38.8%

CVSS Severity

CVSS v3 Score 9.1

References

Products affected by CVE-2026-48137

Ni » Instrumentstudio » Version: 2018

cpe:2.3:a:ni:instrumentstudio:2018
Ni » Instrumentstudio » Version: 2019

cpe:2.3:a:ni:instrumentstudio:2019
Ni » Instrumentstudio » Version: 2020

cpe:2.3:a:ni:instrumentstudio:2020
Ni » Instrumentstudio » Version: 2021

cpe:2.3:a:ni:instrumentstudio:2021
Ni » Instrumentstudio » Version: 2022

cpe:2.3:a:ni:instrumentstudio:2022
Ni » Instrumentstudio » Version: 2023

cpe:2.3:a:ni:instrumentstudio:2023
Ni » Instrumentstudio » Version: 2024

cpe:2.3:a:ni:instrumentstudio:2024
Ni » Instrumentstudio » Version: 2025

cpe:2.3:a:ni:instrumentstudio:2025
Ni » Instrumentstudio » Version: 2026

cpe:2.3:a:ni:instrumentstudio:2026
Ni » Ni Grpc Device Server » Version: 0.1

cpe:2.3:a:ni:ni_grpc_device_server:0.1
Ni » Ni Grpc Device Server » Version: 0.1.1

cpe:2.3:a:ni:ni_grpc_device_server:0.1.1
Ni » Ni Grpc Device Server » Version: 1.0.0

cpe:2.3:a:ni:ni_grpc_device_server:1.0.0
Ni » Ni Grpc Device Server » Version: 1.0.1

cpe:2.3:a:ni:ni_grpc_device_server:1.0.1
Ni » Ni Grpc Device Server » Version: 1.1.0

cpe:2.3:a:ni:ni_grpc_device_server:1.1.0
Ni » Ni Grpc Device Server » Version: 1.2.0

cpe:2.3:a:ni:ni_grpc_device_server:1.2.0
Ni » Ni Grpc Device Server » Version: 1.3.0

cpe:2.3:a:ni:ni_grpc_device_server:1.3.0
Ni » Ni Grpc Device Server » Version: 1.4.0

cpe:2.3:a:ni:ni_grpc_device_server:1.4.0
Ni » Ni Grpc Device Server » Version: 1.5.0

cpe:2.3:a:ni:ni_grpc_device_server:1.5.0
Ni » Ni Grpc Device Server » Version: 1.5.1

cpe:2.3:a:ni:ni_grpc_device_server:1.5.1
Ni » Ni Grpc Device Server » Version: 2.0.0

cpe:2.3:a:ni:ni_grpc_device_server:2.0.0
Ni » Ni Grpc Device Server » Version: 2.1.0

cpe:2.3:a:ni:ni_grpc_device_server:2.1.0
Ni » Ni Grpc Device Server » Version: 2.10.0

cpe:2.3:a:ni:ni_grpc_device_server:2.10.0
Ni » Ni Grpc Device Server » Version: 2.11.0

cpe:2.3:a:ni:ni_grpc_device_server:2.11.0
Ni » Ni Grpc Device Server » Version: 2.12.0

cpe:2.3:a:ni:ni_grpc_device_server:2.12.0
Ni » Ni Grpc Device Server » Version: 2.13.0

cpe:2.3:a:ni:ni_grpc_device_server:2.13.0
Ni » Ni Grpc Device Server » Version: 2.14.0

cpe:2.3:a:ni:ni_grpc_device_server:2.14.0
Ni » Ni Grpc Device Server » Version: 2.15.0

cpe:2.3:a:ni:ni_grpc_device_server:2.15.0
Ni » Ni Grpc Device Server » Version: 2.16.0

cpe:2.3:a:ni:ni_grpc_device_server:2.16.0
Ni » Ni Grpc Device Server » Version: 2.17.0

cpe:2.3:a:ni:ni_grpc_device_server:2.17.0
Ni » Ni Grpc Device Server » Version: 2.2

cpe:2.3:a:ni:ni_grpc_device_server:2.2
Ni » Ni Grpc Device Server » Version: 2.2.0

cpe:2.3:a:ni:ni_grpc_device_server:2.2.0
Ni » Ni Grpc Device Server » Version: 2.3.0

cpe:2.3:a:ni:ni_grpc_device_server:2.3.0
Ni » Ni Grpc Device Server » Version: 2.4.0

cpe:2.3:a:ni:ni_grpc_device_server:2.4.0
Ni » Ni Grpc Device Server » Version: 2.5.0

cpe:2.3:a:ni:ni_grpc_device_server:2.5.0
Ni » Ni Grpc Device Server » Version: 2.6.0

cpe:2.3:a:ni:ni_grpc_device_server:2.6.0
Ni » Ni Grpc Device Server » Version: 2.7.0

cpe:2.3:a:ni:ni_grpc_device_server:2.7.0
Ni » Ni Grpc Device Server » Version: 2.8.0

cpe:2.3:a:ni:ni_grpc_device_server:2.8.0
Ni » Ni Grpc Device Server » Version: 2.9.0

cpe:2.3:a:ni:ni_grpc_device_server:2.9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-48137

Products

Pricing

Contact Us