CVE Catalog

CVE-2026-48138

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.34%

26th percentile - higher than 26% of all known CVEs

Summary

There is an out-of-bounds read vulnerability in the NI grpc-device streaming API due to a missing bounds check that may result in a denial of service. Successful exploitation requires an attacker to supply a specially crafted write request.

Risk Assessment

This vulnerability may lead to denial of service, affecting system availability. An attacker could exploit this flaw to disrupt service operation.

Recommendation

It is recommended to upgrade to NI grpc-device version 2.17.1 or later to mitigate this vulnerability. Additionally, monitoring logs for potential exploitation attempts is advised.

Original NVD description (English source)

There is an out-of-bounds read vulnerability in the NI grpc-device streaming API due to a missing bounds check that may result in a denial of service. Successful exploitation requires an attacker to supply a specially crafted write request. This affects NI grpc-device 2.17.0 and prior versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS