What is CVE-2026-48137?

CVE-2026-48137 is a critical-severity vulnerability in Ni Instrumentstudio, classified under Untrusted Pointer Dereference. CVSS score: 9.1/10. Published 2026-06-19.

How severe is CVE-2026-48137?

Critical severity. CVSS v3 base score is 9.1 out of 10.

Vulnerability in Ni Instrumentstudio

CVE-2026-48137

There is an untrusted pointer dereference vulnerability in the NI grpc-device sideband streaming API that may allow an attacker to cause an arbitrary memory dereference, potentially resulting in remote code execution. Successful exploitat…

CVSS v3 metric

CVSS v3 base score 9.1 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N.

Affected products

Ni Instrumentstudio — versions 0

Weakness classification (CWE)

CWE-822 — Untrusted Pointer Dereference

References

security@ni.com (vendor-advisory)
security@ni.com (vendor-advisory)

Frequently asked questions

What is CVE-2026-48137?: CVE-2026-48137 is a critical-severity vulnerability in Ni Instrumentstudio, classified under Untrusted Pointer Dereference. CVSS score: 9.1/10. Published 2026-06-19.
How severe is CVE-2026-48137?: Critical severity. CVSS v3 base score is 9.1 out of 10.