CVE-2026-48141 Memory leak in NI grpc-device BeginSidebandStream

🗓️ 19 Jun 2026 13:37:50Reported by NIType

Memory leak in NI grpc-device BeginSidebandStream may cause denial of service via memory exhaustion.

Reporter	Title	Published	Views	Family All 5
ATTACKERKB	CVE-2026-48141	19 Jun 202613:37	–	attackerkb
CVE	CVE-2026-48141	19 Jun 202613:37	–	cve
EUVD	EUVD-2026-38029	19 Jun 202613:37	–	euvd
NVD	CVE-2026-48141	19 Jun 202614:16	–	nvd
Positive Technologies	PT-2026-50892	19 Jun 202600:00	–	ptsecurity

[
  {
    "vendor": "NI",
    "product": "grpc-device",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThanOrEqual": "2.17.0",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "NI",
    "product": "InstrumentStudio",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThanOrEqual": "26.3.0",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
github	www.github.com/ni/grpc-device/security/advisories/GHSA-j4qc-5v3f-rf87
ni	www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/2026/multiple-vulnerabilities-in-ni-grpc-device-server.html

19 Jun 2026 13:37Current

CVSS 3.15.3

CVSS 46

CWE-401