MeldSecurity
Press Enter to search
CVE Database & Search →
Sign In Get Started

CVE-2025-64467

🔴 HIGH

There is an out of bounds read vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary cod...

Published
Dec 18, 2025
Last Modified
Dec 24, 2025
Views
5
Bookmarks
0

Description

Request Expert Review

There is an out of bounds read vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions.

Affected Products (31)

ni - labview

Version: 2022

ni - labview

Version: 2022

ni - labview

Version: 2022

ni - labview

Version: 2022

ni - labview

Version: 2022

ni - labview

Version: 2022

ni - labview

Version: 2022

ni - labview

Version: 2023

ni - labview

Version: 2023

ni - labview

Version: 2023

ni - labview

Version: 2023

ni - labview

Version: 2023

ni - labview

Version: 2023

ni - labview

Version: 2023

ni - labview

Version: 2023

ni - labview

Version: 2023

ni - labview

Version: 2024

ni - labview

Version: 2024

ni - labview

Version: 2024

ni - labview

Version: 2024

ni - labview

Version: 2024

ni - labview

Version: 2024

ni - labview

Version: 2024

ni - labview

Version: 2024

ni - labview

Version: 2025

ni - labview

Version: 2025

ni - labview

Version: 2025

ni - labview

Version: 2025

ni - labview

Version: 2025

ni - labview

Version: 2025

ni - labview

Version: 2025

CVSS Scores

CVSS 3.1 7.8
7.8
HIGH
CVSS 2.0 7.8

References

www.ni.com

Additional Information

Source
security@ni.com
State
Analyzed

Related CVEs

CVE-2025-66177

HIGH

There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision NVR/DVR/CVR/IPC models. If exploited, an attacker on t...

Score: 8.8

CVE-2025-66176

HIGH

There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on...

Score: 8.8

CVE-2026-0514

MEDIUM

Due to a Cross-Site Scripting (XSS) vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious link. When an unsuspe...

Score: 6.1

CVE-2026-0513

MEDIUM

Due to an Open Redirect Vulnerability in SAP Supplier Relationship Management (SICF Handler in SRM Catalog), an unauthenticated attacker could craft a...

Score: 4.7

CVE-2026-0511

HIGH

SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks for an authenticated user, resulting in escalation o...

Score: 8.1

CVE-2026-0510

LOW

The User Management Engine (UME) in NetWeaver Application Server for Java (NW AS Java) utilizes an obsolete cryptographic algorithm for encrypting Use...

Score: 3.0

Share CVE-2025-64467

Share on Social Media

Copy Link

Embed Code

Request Expert Analysis

Request a professional security analysis for CVE-2025-64467 from our verified experts.

Credits System

Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!

Add 3 credits for accelerated delivery

Base Cost: 8 credits
Priority Upgrade: + credits
SLA Acceleration: +3 credits
Total Cost:
Your Balance:

Insufficient Credits

You need more credits to submit this request.

Buy Credits

Report Analysis