Memory Leak Vulnerability in NI gRPC Device by National Instruments
CVE-2026-48141

6MEDIUM

Key Information:

Vendor: Ni
Status: Grpc-device; Instrumentstudio
Vendor: CVE Published:; 19 June 2026

What is CVE-2026-48141?

A memory leakage has been identified in the NI gRPC Device's BeginSidebandStream function, which can lead to a denial of service via memory exhaustion. This vulnerability affects version 2.17.0 and earlier, potentially disrupting the stability and availability of applications reliant on this service. Proactive measures should be taken to update to the latest version to mitigate these risks.

Affected Version(s)

grpc-device 0 <= 2.17.0

InstrumentStudio 0 <= 26.3.0

References

https://www.ni.com/en/support/security/available-critical...

vendor-advisory

https://github.com/ni/grpc-device/security/advisories/GHS...

vendor-advisory

CVSS V4

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 19, 2026
Vulnerability Reserved
May 20, 2026

Credit

Sebastián Alba Vives (@Sebasteuo / 0xS4bb1)

CVE-2026-48141 Data

JSON

Ni

What is CVE-2026-48141?

Affected Version(s)

References

CVSS V4

Timeline

Credit