CVE-2026-9051
Awaiting Analysis Awaiting Analysis - Queue
Authentication Bypass in NI SystemLink Enterprise Dashboard

Publication date: 2026-05-29

Last updated on: 2026-06-01

Assigner: National Instruments

Description
There is an authentication bypass vulnerability in the NI SystemLink Enterprise Dashboard application that may allow an unauthenticated remote attacker to bypass authentication controls leading to privilege escalation or information disclosure.Β  Successful exploitation requires an attacker to send a specially crafted HTTP request.Β  This vulnerability affects NI SystemLink Enterprise 2026-04 and prior versions.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-29
Last Modified
2026-06-01
Generated
2026-06-19
AI Q&A
2026-05-30
EPSS Evaluated
2026-06-18
NVD
CVE-2026-9051
EUVD
EUVD-2026-33411
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
ni systemlink_enterprise to 2026-04 (exc)
ni systemlink_enterprise to 2026-05 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The provided information does not specify how the authentication bypass vulnerability in NI SystemLink Enterprise Dashboard impacts compliance with common standards and regulations such as GDPR or HIPAA.

Impact Analysis

This vulnerability can allow an unauthenticated remote attacker to bypass authentication controls in the NI SystemLink Enterprise Dashboard.

As a result, the attacker may gain unauthorized access leading to privilege escalation within the Dashboard resources or disclosure of sensitive information.

Such unauthorized access can compromise the confidentiality and integrity of the affected system's data.

Mitigation Strategies

To mitigate the authentication bypass vulnerability in NI SystemLink Enterprise Dashboard, NI recommends upgrading to SystemLink Enterprise version 2026-05.

Note that the vulnerability affects only the Dashboard application in versions 2026-04 and earlier, and other NI SystemLink components are not affected.

Executive Summary

CVE-2026-9051 is an authentication bypass vulnerability in the NI SystemLink Enterprise Dashboard application.

This flaw allows unauthenticated remote attackers to bypass authentication controls by sending a specially crafted HTTP request.

Successful exploitation can lead to privilege escalation or information disclosure, but privilege escalation is limited to Dashboard resources only.

The vulnerability affects NI SystemLink Enterprise versions 2026-04 and earlier.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-9051. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart