What is CVE-2026-9142?

CVE-2026-9142 is a critical-severity vulnerability in Ni Grpc-device, classified under Missing Authentication for Critical Function. CVSS score: 9.1/10. Published 2026-06-19.

How severe is CVE-2026-9142?

Critical severity. CVSS v3 base score is 9.1 out of 10.

Auth bypass in Ni Grpc-device

CVE-2026-9142

There is an insecure default credentials vulnerability in NI grpc-device when TLS configuration is not present and the server is bound beyond loopback. This may allow an unauthenticated user access to the server on the local network. Thi…

Vulnerability class: Broken Authentication

CVSS v3 metric

CVSS v3 base score 9.1 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N.

Affected products

Ni Grpc-device — versions 0
Ni Instrumentstudio — versions 0

Weakness classification (CWE)

CWE-306 — Missing Authentication for Critical Function

References

security@ni.com (vendor-advisory)
security@ni.com

Frequently asked questions

What is CVE-2026-9142?: CVE-2026-9142 is a critical-severity vulnerability in Ni Grpc-device, classified under Missing Authentication for Critical Function. CVSS score: 9.1/10. Published 2026-06-19.
How severe is CVE-2026-9142?: Critical severity. CVSS v3 base score is 9.1 out of 10.