CVE-2026-8036
7.1 HIGHImproper input validation in NI-PAL may allow a local authenticated user to access arbitrary system memory, potentially leading to privil...
Published: 2026-06-02 · Last updated: 2026-06-05
Severity and scoring
- CVSS
- 7.1 HIGH
- Vector
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
- CWE
- CWE-1285
Affected products
| Vendor | Product |
|---|---|
| ni | ni-pal |
Description
Improper input validation in NI-PAL may allow a local authenticated user to access arbitrary system memory, potentially leading to privilege escalation. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2026-8035 — Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to cause a denial of service by triggering a c... (7.1 HIGH)
Same CWE
- CVE-2026-45352 — cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library (5.3 MEDIUM)
- CVE-2026-9100 — The MongoDB C Driver's legacy GridFS API accepts malformed file metadata from the database without adequate validation (5.9 MEDIUM)