CVE-2026-32863

There is a memory corruption vulnerability due to an out-of-bounds read in sentrytransactioncontextsetoperation in NI LabVIEW. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafte...

PT-2026-31000

There is a memory corruption vulnerability due to an out-of-bounds write in ResFileFactory::InitResourceMgr in NI LabVIEW. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI...

National Instruments LabVIEW 2022 < 2022 Q3 Patch 7 / 2023 < 2023 Q3 Patch 8 / 2024 Q3 Patch 5 / 20205 < 2025 Q3 Patch 3 Multiple Vulnerabilities

The version of National Instruments NI LabVIEW installed on the remote Windows host is affected by multiple memory corruption vulnerabilities that may result in information disclosure or arbitrary code execution, including the following: - There is an out of bounds write vulnerability in NI LabVI...

CVE-2025-64464

There is an out of bounds read vulnerability in NI LabVIEW in lvre!VisaWriteFromFile when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. Th...

CVE-2025-64464

There is an out of bounds read vulnerability in NI LabVIEW in lvre!VisaWriteFromFile when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. Th...

CVE-2025-64463 Out-of-Bounds Read in LVResource::DetachResource() in NI LabVIEW

There is an out of bounds read vulnerability in NI LabVIEW in LVResource::DetachResource when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI...

CVE-2025-7848

A memory corruption vulnerability due to improper input validation in lvpict.cpp exists in NI LabVIEW that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior...

CVE-2025-2634

Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in fontmgr may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and...

CVE-2024-10494

An out of bounds read due to improper input validation in HeapObjMapImpl.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q3 and pri...

PT-2024-5248 · National Instruments · Ni Labview

Name of the Vulnerable Software and Affected Versions: NI LabVIEW versions prior to 2024 Q1 Description: A memory corruption issue due to an improper length check in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide ...

PT-2024-19967 · National Instruments · Labview

Name of the Vulnerable Software and Affected Versions: LabVIEW versions 2024 Q1 and prior Description: An improper error handling issue in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. Recommendations: For...

PT-2024-19966 · National Instruments · Labview

Name of the Vulnerable Software and Affected Versions: LabVIEW versions prior to 2024 Q1 Description: An out of bounds write due to a missing bounds check in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI...

CVE-2009-3995

Multiple heap-based buffer overflows in INMOD.DLL aka the Module Decoder Plug-in in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via 1 crafted samples or 2 crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details ar...