CVE Catalog

CVE-2026-9143

LowCVSS 3.7
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.18%

8th percentile — higher than 8% of all known CVEs

Summary

A vulnerability in NI grpc-device due to incorrect numeric type conversion in CodeGen, caused by missing range checks. This may silently discard high bits if a size value exceeds the target type's range.

Risk Assessment

The risk involves potential data corruption or unpredictable application behavior when size values are incorrectly truncated, affecting the integrity of processed information.

Recommendation

It is recommended to immediately update NI grpc-device to a version later than 2.17.0 once the vendor releases a patch. Until then, avoid processing data with non-standard sizes.

Original NVD description (English source)

There is an incorrect conversion between numeric types vulnerability in NI grpc-device due to missing range checks in CodeGen.  This may silently discard high bits if a size value exceeded the target type's range. This affects NI grpc-device 2.17.0 and prior versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS