Skip to main content

Labview

27 CVEs product

Monthly

CVE-2026-32864 HIGH PATCH This Week

Memory corruption via out-of-bounds read in NI LabVIEW's mgcore_SH_25_3!aligned_free() function enables information disclosure or arbitrary code execution when users open maliciously crafted VI files. Affects LabVIEW 2026 Q1 (26.1.0) and all prior versions. CVSS 8.5 severity stems from local attack vector requiring user interaction but no authentication. No public exploit identified at time of analysis, though the vendor advisory confirms the vulnerability's existence and technical details.

Information Disclosure Buffer Overflow RCE Labview
NVD VulDB
CVSS 4.0
8.5
EPSS
0.0%
CVE-2026-32863 HIGH PATCH This Week

Memory corruption in NI LabVIEW 26.1.0 and earlier allows local attackers to execute arbitrary code or disclose sensitive information via maliciously crafted VI files. The vulnerability stems from an out-of-bounds read in sentry_transaction_context_set_operation(), requiring user interaction to open a specially crafted file. CVSS 8.5 (High) with local attack vector and low complexity. No public exploit identified at time of analysis, and EPSS data not available for this recently published CVE.

Information Disclosure Buffer Overflow RCE Labview
NVD VulDB
CVSS 4.0
8.5
EPSS
0.0%
CVE-2026-32862 HIGH PATCH This Week

Memory corruption in NI LabVIEW's ResFileFactory::InitResourceMgr() function allows arbitrary code execution or information disclosure when users open malicious VI files. Affects LabVIEW 2026 Q1 (26.1.0) and all prior versions. CVSS 8.5 severity reflects high impact potential, though exploitation requires user interaction to open a crafted file. No public exploit identified at time of analysis, with EPSS data unavailable for this recently assigned CVE. Local attack vector limits remote exploitation scenarios.

Memory Corruption Information Disclosure Buffer Overflow RCE Labview
NVD VulDB
CVSS 4.0
8.5
EPSS
0.0%
CVE-2026-32861 HIGH PATCH This Week

Memory corruption via out-of-bounds write in NI LabVIEW allows arbitrary code execution and information disclosure when processing maliciously crafted .lvclass files. Affects LabVIEW 2026 Q1 (26.1.0) and all prior versions. Attack requires local access and user interaction to open the weaponized file (CVSS AV:L/UI:P). No public exploit identified at time of analysis, though the vendor advisory confirms the vulnerability and provides remediation guidance.

Memory Corruption Information Disclosure Buffer Overflow RCE Labview
NVD
CVSS 4.0
8.5
EPSS
0.0%
CVE-2026-32860 HIGH PATCH This Week

Memory corruption via out-of-bounds write in NI LabVIEW allows arbitrary code execution when processing malicious LVLIB files. Affects LabVIEW 2026 Q1 (26.1.0) and all prior versions. Attack requires local access and user interaction to open a specially crafted .lvlib project library file (CVSS 8.5, AV:L/PR:N/UI:P). No public exploit identified at time of analysis. EPSS data not available, but the local attack vector and user interaction requirement significantly limit immediate mass exploitation risk despite high CVSS score.

Memory Corruption Information Disclosure Buffer Overflow RCE Labview
NVD
CVSS 4.0
8.5
EPSS
0.0%
CVE-2025-2632 HIGH This Week

Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW reading CPU info from cache that may result in information disclosure or arbitrary code execution. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Memory Corruption Buffer Overflow RCE Labview
NVD
CVSS 4.0
8.5
EPSS
0.1%
CVE-2025-2631 HIGH This Week

Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW in InitCPUInformation() that may result in information disclosure or arbitrary code execution. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Memory Corruption Buffer Overflow RCE Labview
NVD
CVSS 4.0
8.5
EPSS
0.1%
CVE-2025-2630 HIGH This Week

There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.

RCE Labview
NVD
CVSS 4.0
7.0
EPSS
0.1%
CVE-2025-2629 HIGH This Week

There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW when loading NI Error Reporting. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.

RCE Labview
NVD
CVSS 4.0
7.0
EPSS
0.1%
CVE-2024-10496 HIGH This Week

An out of bounds read due to improper input validation in BuildFontMap in fontmgr.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Labview
NVD
CVSS 4.0
8.4
EPSS
0.2%
CVE-2024-10495 HIGH This Week

An out of bounds read due to improper input validation when loading the font table in fontmgr.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Labview
NVD
CVSS 4.0
8.4
EPSS
0.2%
CVE-2024-10494 HIGH This Week

An out of bounds read due to improper input validation in HeapObjMapImpl.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Labview
NVD
CVSS 4.0
8.4
EPSS
0.2%
CVE-2024-4081 HIGH This Week

A memory corruption issue due to an improper length check in NI LabVIEW may disclose information or result in arbitrary code execution. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Labview
NVD
CVSS 4.0
8.4
EPSS
0.3%
CVE-2024-4080 HIGH This Week

A memory corruption issue due to an improper length check in LabVIEW tdcore.dll may disclose information or result in arbitrary code execution. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Labview
NVD
CVSS 4.0
8.4
EPSS
0.3%
CVE-2024-4079 HIGH This Week

An out of bounds read due to a missing bounds check in LabVIEW may disclose information or result in arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Labview
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-6638 MEDIUM This Month

An integer overflow vulnerability due to improper input validation when reading TDMS files in LabVIEW may result in an infinite loop. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Labview
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-23612 HIGH This Week

An improper error handling vulnerability in LabVIEW may result in remote code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Labview
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2024-23611 HIGH This Week

An out of bounds write due to a missing bounds check in LabVIEW may result in remote code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Labview
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2024-23610 HIGH PATCH This Week

An out of bounds write due to a missing bounds check in LabVIEW may result in remote code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Labview
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2024-23609 HIGH This Week

An improper error handling vulnerability in LabVIEW may result in remote code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Labview
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2024-23608 HIGH PATCH This Week

An out of bounds write due to a missing bounds check in LabVIEW may result in remote code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Labview
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-27237 MEDIUM PATCH This Month

There is a cross-site scripting (XSS) vulnerability in an NI Web Server component installed with several NI products. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Flexlogger G Web Development Software Labview Static Test Software Suite +1
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2017-2779 HIGH POC This Week

An exploitable memory corruption vulnerability exists in the RSRC segment parsing functionality of LabVIEW 2017, LabVIEW 2016, LabVIEW 2015, and LabVIEW 2014. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption RCE Labview
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2017-2775 HIGH POC This Week

An exploitable memory corruption vulnerability exists in the LvVariantUnflatten functionality in 64-bit versions of LabVIEW before 2015 SP1 f7 Patch and 2016 before f2 Patch. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Labview
NVD
CVSS 3.0
7.5
EPSS
0.6%
CVE-2013-5023 MEDIUM This Month

The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Diadem Labview Labwindows Measurementstudio +1
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2013-5022 CRITICAL PATCH Act Now

Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Path Traversal Labview Labwindows Measurementstudio Teststand
NVD
CVSS 2.0
10.0
EPSS
1.4%
CVE-2013-5021 CRITICAL Act Now

Multiple absolute path traversal vulnerabilities in National Instruments cwui.ocx, as used in National Instruments LabWindows/CVI 2012 SP1 and earlier, National Instruments LabVIEW 2012 SP1 and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Abb Path Traversal Labview Labwindows Measurementstudio +2
NVD
CVSS 2.0
9.3
EPSS
0.7%
EPSS 0% CVSS 8.5
HIGH PATCH This Week

Memory corruption via out-of-bounds read in NI LabVIEW's mgcore_SH_25_3!aligned_free() function enables information disclosure or arbitrary code execution when users open maliciously crafted VI files. Affects LabVIEW 2026 Q1 (26.1.0) and all prior versions. CVSS 8.5 severity stems from local attack vector requiring user interaction but no authentication. No public exploit identified at time of analysis, though the vendor advisory confirms the vulnerability's existence and technical details.

Information Disclosure Buffer Overflow RCE +1
NVD VulDB
EPSS 0% CVSS 8.5
HIGH PATCH This Week

Memory corruption in NI LabVIEW 26.1.0 and earlier allows local attackers to execute arbitrary code or disclose sensitive information via maliciously crafted VI files. The vulnerability stems from an out-of-bounds read in sentry_transaction_context_set_operation(), requiring user interaction to open a specially crafted file. CVSS 8.5 (High) with local attack vector and low complexity. No public exploit identified at time of analysis, and EPSS data not available for this recently published CVE.

Information Disclosure Buffer Overflow RCE +1
NVD VulDB
EPSS 0% CVSS 8.5
HIGH PATCH This Week

Memory corruption in NI LabVIEW's ResFileFactory::InitResourceMgr() function allows arbitrary code execution or information disclosure when users open malicious VI files. Affects LabVIEW 2026 Q1 (26.1.0) and all prior versions. CVSS 8.5 severity reflects high impact potential, though exploitation requires user interaction to open a crafted file. No public exploit identified at time of analysis, with EPSS data unavailable for this recently assigned CVE. Local attack vector limits remote exploitation scenarios.

Memory Corruption Information Disclosure Buffer Overflow +2
NVD VulDB
EPSS 0% CVSS 8.5
HIGH PATCH This Week

Memory corruption via out-of-bounds write in NI LabVIEW allows arbitrary code execution and information disclosure when processing maliciously crafted .lvclass files. Affects LabVIEW 2026 Q1 (26.1.0) and all prior versions. Attack requires local access and user interaction to open the weaponized file (CVSS AV:L/UI:P). No public exploit identified at time of analysis, though the vendor advisory confirms the vulnerability and provides remediation guidance.

Memory Corruption Information Disclosure Buffer Overflow +2
NVD
EPSS 0% CVSS 8.5
HIGH PATCH This Week

Memory corruption via out-of-bounds write in NI LabVIEW allows arbitrary code execution when processing malicious LVLIB files. Affects LabVIEW 2026 Q1 (26.1.0) and all prior versions. Attack requires local access and user interaction to open a specially crafted .lvlib project library file (CVSS 8.5, AV:L/PR:N/UI:P). No public exploit identified at time of analysis. EPSS data not available, but the local attack vector and user interaction requirement significantly limit immediate mass exploitation risk despite high CVSS score.

Memory Corruption Information Disclosure Buffer Overflow +2
NVD
EPSS 0% CVSS 8.5
HIGH This Week

Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW reading CPU info from cache that may result in information disclosure or arbitrary code execution. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Memory Corruption Buffer Overflow +2
NVD
EPSS 0% CVSS 8.5
HIGH This Week

Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW in InitCPUInformation() that may result in information disclosure or arbitrary code execution. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Memory Corruption Buffer Overflow +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.

RCE Labview
NVD
EPSS 0% CVSS 7.0
HIGH This Week

There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW when loading NI Error Reporting. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.

RCE Labview
NVD
EPSS 0% CVSS 8.4
HIGH This Week

An out of bounds read due to improper input validation in BuildFontMap in fontmgr.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Labview
NVD
EPSS 0% CVSS 8.4
HIGH This Week

An out of bounds read due to improper input validation when loading the font table in fontmgr.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Labview
NVD
EPSS 0% CVSS 8.4
HIGH This Week

An out of bounds read due to improper input validation in HeapObjMapImpl.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Labview
NVD
EPSS 0% CVSS 8.4
HIGH This Week

A memory corruption issue due to an improper length check in NI LabVIEW may disclose information or result in arbitrary code execution. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +1
NVD
EPSS 0% CVSS 8.4
HIGH This Week

A memory corruption issue due to an improper length check in LabVIEW tdcore.dll may disclose information or result in arbitrary code execution. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An out of bounds read due to a missing bounds check in LabVIEW may disclose information or result in arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An integer overflow vulnerability due to improper input validation when reading TDMS files in LabVIEW may result in an infinite loop. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Labview
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An improper error handling vulnerability in LabVIEW may result in remote code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Labview
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out of bounds write due to a missing bounds check in LabVIEW may result in remote code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +1
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An out of bounds write due to a missing bounds check in LabVIEW may result in remote code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An improper error handling vulnerability in LabVIEW may result in remote code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Labview
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An out of bounds write due to a missing bounds check in LabVIEW may result in remote code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption +1
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

There is a cross-site scripting (XSS) vulnerability in an NI Web Server component installed with several NI products. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Flexlogger G Web Development Software +3
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

An exploitable memory corruption vulnerability exists in the RSRC segment parsing functionality of LabVIEW 2017, LabVIEW 2016, LabVIEW 2015, and LabVIEW 2014. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption RCE +1
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

An exploitable memory corruption vulnerability exists in the LvVariantUnflatten functionality in 64-bit versions of LabVIEW before 2015 SP1 f7 Patch and 2016 before f2 Patch. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Labview
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Diadem Labview +3
NVD
EPSS 1% CVSS 10.0
CRITICAL PATCH Act Now

Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Path Traversal Labview Labwindows +2
NVD
EPSS 1% CVSS 9.3
CRITICAL Act Now

Multiple absolute path traversal vulnerabilities in National Instruments cwui.ocx, as used in National Instruments LabWindows/CVI 2012 SP1 and earlier, National Instruments LabVIEW 2012 SP1 and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Abb Path Traversal Labview +4
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy