Critical Insecure Default Credentials Vulnerability in NI grpc-device
A critical vulnerability (CVE-2026-9142) with a CVSS score of 9.1 has been discovered in NI grpc-device, affecting versions 2.17.0 and prior. The vulnerability allows unauthenticated access to the server on the local network when TLS configuration is not present and the server is bound beyond loopback. Immediate patching is recommended to prevent potential exploitation.