CVE-2026-9143
LowCVSS 3.7Exploitation Probability (EPSS)
Low risk8th percentile — higher than 8% of all known CVEs
Summary
A vulnerability in NI grpc-device due to incorrect numeric type conversion in CodeGen, caused by missing range checks. This may silently discard high bits if a size value exceeds the target type's range.
Risk Assessment
The risk involves potential data corruption or unpredictable application behavior when size values are incorrectly truncated, affecting the integrity of processed information.
Recommendation
It is recommended to immediately update NI grpc-device to a version later than 2.17.0 once the vendor releases a patch. Until then, avoid processing data with non-standard sizes.
Original NVD description (English source)
There is an incorrect conversion between numeric types vulnerability in NI grpc-device due to missing range checks in CodeGen. This may silently discard high bits if a size value exceeded the target type's range. This affects NI grpc-device 2.17.0 and prior versions.

