Description
There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted LVCLASS file in NI LabVIEW.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .lvclass file. This vulnerability affects NI LabVIEW 2026 Q1 (26.1.0) and prior versions.
Published: 2026-04-07
Score: 8.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

The vulnerability arises from an out‑of‑bounds write that corrupts memory during the loading of a .lvclass file. An attacker can supply a specially crafted file to trigger the corruption, potentially allowing the disclosure of sensitive information or the execution of arbitrary code on the affected system. The defect is classified as CWE‑787, an out‑of‑bounds write.

Affected Systems

Affected products are NI LabVIEW from National Instruments, specifically any release through 2026 Q1 (version 26.1.0) and earlier. Users running these versions should review the vendor’s advisory for available patches. No specific mitigations are listed for versions beyond the first quarter of 2026.

Risk and Exploitability

The CVSS score of 8.5 indicates high severity, but the EPSS score of less than 1 % shows exploitation probability is low and the vulnerability has not been reported as a known exploited weakness (not in KEV). Exploitation typically requires the victim to open a malicious .lvclass file, so the attack vector is user‑initiated local or remote file delivery. If an attacker can persuade an end‑user or program to load the file, arbitrary code execution could occur with the privileges of the user.

Generated by OpenCVE AI on April 13, 2026 at 16:30 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest NI LabVIEW update that includes the security fix for the LVCLASS file parsing issue.
  • If an immediate update is not feasible, limit the use of .lvclass files to trusted sources and explicitly block or quarantine untrusted files.
  • Implement monitoring to detect anomalous file openings or attempts to execute code from untrusted files.

Generated by OpenCVE AI on April 13, 2026 at 16:30 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 13 Apr 2026 15:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:ni:labview:2023:q1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3_patch1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3_patch2:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3_patch3:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3_patch4:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3_patch5:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3_patch6:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3_patch7:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2023:q3_patch8:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2024:-:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2024:q1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2024:q1_patch1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2024:q3:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2024:q3_patch1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2024:q3_patch2:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2024:q3_patch3:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2024:q3_patch4:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2024:q3_patch5:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2025:q1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2025:q1_patch1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2025:q1_patch2:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2025:q1_patch3:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2025:q3:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2025:q3_patch1:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2025:q3_patch2:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2025:q3_patch3:*:*:*:*:*:*
cpe:2.3:a:ni:labview:2026:q1:*:*:*:*:*:*

Tue, 07 Apr 2026 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 07 Apr 2026 20:45:00 +0000

Type Values Removed Values Added
Description There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted LVCLASS file in NI LabVIEW.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .lvclass file. This vulnerability affects NI LabVIEW 2026 Q1 (26.1.0) and prior versions.
Title Out-of-Bounds Write Vulnerability in NI LabVIEW when loading lvclass file
First Time appeared Ni
Ni labview
Weaknesses CWE-787
CPEs cpe:2.3:a:ni:labview:*:*:*:*:*:*:*:*
Vendors & Products Ni
Ni labview
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Ni Labview
cve-icon MITRE

Status: PUBLISHED

Assigner: NI

Published:

Updated: 2026-04-08T03:55:58.996Z

Reserved: 2026-03-16T20:29:24.840Z

Link: CVE-2026-32861

cve-icon Vulnrichment

Updated: 2026-04-07T20:39:10.437Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-07T20:16:24.363

Modified: 2026-04-13T14:55:18.227

Link: CVE-2026-32861

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-14T16:40:51Z

Weaknesses