HIGHCVE-2026-0954Published 2026-03-13Modified 2026-03-15CNA NI

CVE-2026-0954: Out-Of-Bounds Write When Opening a Corrupt DSB File in Digilent DASYLab

There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted DSB file in Digilent DASYLab. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .DSB file. This vulnerability affects all versions of Digilent DASYLab.

CVSS v4.0: 8.5
Severity: HIGH
Fixed in: —
Affected Products: 1

Affected packages

Digilent / DASYLab
≤ *

CVSS Vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

References

ni.com

Metrics