CVE-2025-7361
HIGHDescription
A code injection vulnerability due to an improper initialization check exists in NI LabVIEW that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI using a CIN node. This vulnerability affects 32-bit NI LabVIEW 2025 Q1 and prior versions. LabVIEW 64-bit versions do not support CIN nodes and are not affected.
Is your site exposed to CVE-2025-7361?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| ni | labview |
| ni | labview |
| ni | labview |
| ni | labview |
| ni | labview |
| ni | labview |
| ni | labview |
| ni | labview |
| ni | labview |
| ni | labview |
| ni | labview |
| ni | labview |
| ni | labview |
| ni | labview |
| ni | labview |
| ni | labview |
| ni | labview |
| ni | labview |
| ni | labview |
| ni | labview |
| ni | labview |
| ni | labview |
| ni | labview |
| ni | labview |
| microsoft | windows |
References
Frequently Asked Questions
What is CVE-2025-7361? +
How severe is CVE-2025-7361? +
What products are affected by CVE-2025-7361? +
How do I check if I'm vulnerable to CVE-2025-7361? +
Related Vulnerabilities
Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.217 , Tabby enables several high-risk Electron Fuses, including …
A Local Code Injection Vulnerability exists in the product and version listed above. The vulnerability is due to incorrect default …
Actual is an open-source personal finance application. In the macOS desktop application version 25.x (built on Electron 39.2.7), the ELECTRON_RUN_AS_NODE …
calibre is an e-book manager. Prior to 9.10.0, a malicious EPUB, OPF, or PDF file can execute arbitrary Python code …
FOSSBilling is a free, open-source billing and client management system. Versions 0.6.10 through 0.7.2 have a PHP code injection vulnerability …
zx is a tool for writing better scripts. An attacker with control over environment variable values can inject unintended environment …