Out-of-Bounds Write Vulnerabilities in DASYLab
Created Jun 09, 2026
Overview
There are multiple out-of-bounds write vulnerabilities when parsing user-supplied files in DASYLab that may result in information disclosure or arbitrary code execution. Successful exploitation requires a user to open a specially crafted DASYLab or DSB file, and these vulnerabilities affect all versions of DASYLab.
This advisory covers CVE-2026-0954, CVE-2026-0957, and CVE-2025-57778.
Contents
- Mitigation Guidance
- Affected Products
- CVSS Score
- Further Information
- Acknowledgements
- Additional Resources
Mitigation Guidance
- Update to the current version of DASYLab.
- For older versions: There are no fixes available for these issues in the referenced advisories.
- Always: Avoid opening files from untrusted sources.
Affected Products
| Product Version | Mitigation |
|---|---|
| DASYLab – all versions before 2026.0 | Avoid opening untrusted DSB files |
| DASYLab 2026.0 | Not affected |
CVSS Score
- CVE-2026-0954 – 7.8 (CVSS 3.1), AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- CVE-2026-0954 – 8.5 (CVSS 4.0), AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
- CVE-2026-0957 – 7.8 (CVSS 3.1), AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- CVE-2026-0957 – 8.5 (CVSS 4.0), AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
- CVE-2025-57778 – 8.5 (CVSS 4.0 CNA), AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
NVD describes CVE-2025-57778 as an out-of-bounds write during DSB file parsing due to improper bounds checking.
Further Information
CVE-2026-0954 and CVE-2026-0957 are described by NI as out-of-bounds write vulnerabilities when parsing user files in DASYLab. CVE-2025-57778 is described by NVD as an out-of-bounds write vulnerability in DSB file parsing caused by improper bounds checking resulting in an invalid source address.
Acknowledgements
Digilent credited Anonymous, working with Trend Micro Zero Day Initiative, for reporting CVE-2026-0954, and Rocco Calvi (@TecR0c) with TecSecurity, working with Trend Micro Zero Day Initiative, for reporting CVE-2026-0957.
No separate acknowledgement detail was confirmed from the retrieved NVD entry for CVE-2025-57778 beyond the source attribution to National Instruments.
