Loading market data...
← Back to CVE feed

CVE-2026-48137

CRITICAL CVSS 9.1 View on NVD ↗

Description

There is an untrusted pointer dereference vulnerability in the NI grpc-device sideband streaming API that may allow an attacker to cause an arbitrary memory dereference, potentially resulting in remote code execution.  Successful exploitation requires an attacker  to supply a specially crafted Moniker protobuf message.  This affects NI grpc-device 2.17.0 and prior versions.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Published: Jun 19, 2026 14:16 UTC Modified: Jun 19, 2026 14:16 UTC