CVE-2026-9143

Summary

There is an incorrect conversion between numeric types vulnerability in NI grpc-device due to missing range checks in CodeGen.  This may silently discard high bits if a size value exceeded the target type's range. This affects NI grpc-device 2.17.0 and prior versions.

Affected Software

VendorProductVersion RangeStatus
NIgrpc-device0 <= 2.17.0affected
NIInstrumentStudio0 <= 26.3.0affected

Weaknesses

  • CWE-681: CWE-681 Incorrect conversion between numeric types

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References