CVE-2026-0956
Out-of-Bounds Read in Digilent DASYLab Enables Code Execution
Publication date: 2026-03-13
Last updated on: 2026-03-19
Assigner: National Instruments
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ni | dasylab | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
Exploitation of this vulnerability may lead to information disclosure or arbitrary code execution on the affected system.
This means an attacker could potentially access sensitive information or take control of the system by executing malicious code.
Can you explain this vulnerability to me?
This vulnerability is a memory corruption issue caused by an out-of-bounds read when Digilent DASYLab loads a corrupted file.
An attacker can exploit this by tricking a user into opening a specially crafted file, which triggers the vulnerability.
The flaw affects all versions of Digilent DASYLab.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, avoid opening any files from untrusted or unknown sources in Digilent DASYLab, as exploitation requires a user to open a specially crafted file.
Ensure that users are aware of the risk and do not open suspicious files.
Monitor for updates or patches from Digilent or the vendor and apply them as soon as they become available.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know