Platform
windows
Component
ni-labview
Fixed in
23.0.0
23.3.9
24.3.6
25.3.4
26.1.1
CVE-2026-32861 describes a memory corruption vulnerability discovered in NI LabVIEW. This flaw stems from an out-of-bounds write condition triggered when the application processes a corrupted LVCLASS file. Successful exploitation could lead to information disclosure or even arbitrary code execution, impacting users of NI LabVIEW versions 0.0.0 through 26.1.1. A patch is available in version 26.1.1.
The core of this vulnerability lies in the improper handling of LVCLASS files. An attacker could craft a malicious .lvclass file designed to trigger the out-of-bounds write. Upon a user opening this file within NI LabVIEW, the vulnerability could be exploited. The potential impact is significant, ranging from the disclosure of sensitive information stored within the application's memory to the execution of arbitrary code. This could allow an attacker to gain control of the affected system, install malware, or steal data. The requirement for user interaction (opening the malicious file) limits the immediate scope, but widespread use of LabVIEW increases the potential attack surface.
CVE-2026-32861 was publicly disclosed on April 7, 2026. Currently, there is no indication of active exploitation or a KEV listing. No public proof-of-concept (PoC) code has been released. The vulnerability's reliance on user interaction suggests a lower probability of widespread exploitation compared to remote, unauthenticated vulnerabilities, but the potential impact warrants prompt patching.
Exploit Status
EPSS
0.02% (5% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2026-32861 is to upgrade to NI LabVIEW version 26.1.1 or later, which includes the fix for this vulnerability. If upgrading immediately is not feasible, consider implementing stricter file access controls to prevent users from opening untrusted .lvclass files. Educate users about the risks of opening files from unknown or untrusted sources. While a WAF or proxy cannot directly mitigate this file parsing vulnerability, they can be configured to block known malicious file extensions or patterns. Verify the upgrade by attempting to load a known-safe LVCLASS file and confirming no errors or crashes occur.
Update to NI LabVIEW version 26.1.1 or later to mitigate the vulnerability. The update corrects an out-of-bounds write error when processing corrupted LVCLASS files, preventing potential information disclosure or arbitrary code execution. Download the update from the NI support website.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2026-32861 is a memory corruption vulnerability in NI LabVIEW versions 0.0.0–26.1.1, allowing potential information disclosure or arbitrary code execution via a corrupted .lvclass file.
You are affected if you are using NI LabVIEW versions prior to 26.1.1. Check your installed version against the affected range to determine your risk.
Upgrade to NI LabVIEW version 26.1.1 or later to resolve this vulnerability. Ensure you back up your system before applying the update.
As of the last update, there is no evidence of active exploitation of CVE-2026-32861, but vigilance is still advised.
Refer to the National Instruments security advisory page for the latest information and updates regarding CVE-2026-32861: [https://www.ni.com/en-us/shop/security/security-advisories.html]
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.