Memory Corruption Vulnerability in NI LabVIEW by National Instruments
CVE-2026-32863

8.5HIGH

Key Information:

Vendor: Ni
Status: Labview
Vendor: CVE Published:; 7 April 2026

What is CVE-2026-32863?

A memory corruption flaw exists in the function sentry_transaction_context_set_operation() within NI LabVIEW, leading to potential information disclosure or arbitrary code execution. This vulnerability requires an attacker to entice a user into opening a specially crafted VI file, making it a significant security risk for users of NI LabVIEW versions 2026 Q1 and earlier.

Affected Version(s)

LabVIEW 0 < 23.0.0

LabVIEW 23.1.0 < 23.3.9

LabVIEW 24.1.0 < 24.3.6

References

https://www.ni.com/en/support/security/available-critical...

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 7, 2026
Vulnerability Reserved
Mar 16, 2026

Credit

Michael Heinzl

CVE-2026-32863 Data

JSON

Ni

What is CVE-2026-32863?

Affected Version(s)

References

CVSS V4

Timeline

Credit