CVE-2026-8036

Summary

Improper input validation in NI-PAL may allow a local authenticated user to access arbitrary system memory, potentially leading to privilege escalation. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux.

Affected Software

VendorProductVersion RangeStatus
NINI-PAL0 <= 26.3.0affected

Weaknesses

  • CWE-1285: CWE-1285 Improper validation of specified index, position, or offset in input

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References