CVE-2026-9051NVD

Vulnerability Summary

There is an authentication bypass vulnerability in the NI SystemLink Enterprise Dashboard application that may allow an unauthenticated remote attacker to bypass authentication controls leading to privilege escalation or information disclosure. Successful exploitation requires an attacker to send a specially crafted HTTP request. This vulnerability affects NI SystemLink Enterprise 2026-04 and prior versions.

Severity Level

CRITICAL(9.1)

Published Date

May 29, 2026

Last Modified

May 29, 2026

Exploitation Status

UNKNOWN

Root Weakness (CWE)

N/A

EPSS Score (30-Day)

0.04%Probability

CVSS v3.1 Base Metrics

Attack VectorNetwork

Attack ComplexityLow

Privileges RequiredNone

User InteractionNone

ScopeUnchanged

ConfidentialityHigh

IntegrityHigh

AvailabilityNone

External References

https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/2026/authentication-bypass-vulnerability-in-ni-systemlink-enterprise.html