EUVD-2026-13003

PX4 is an open-source autopilot stack for drones and unmanned vehicles. Versions 1.17.0-rc2 and below are vulnerable to Stack-based Buffer Overflow through the MavlinkLogHandler, and are triggered via MAVLink log request. The LogEntry.filepath buffer is 60 bytes, but the sscanf function parses...

CVE-2026-32743 PX4 Autopilot: Stack-based Buffer Overflow via Oversized Path Input in MAVLink Log Request Handling

PX4 is an open-source autopilot stack for drones and unmanned vehicles. Versions 1.17.0-rc2 and below are vulnerable to Stack-based Buffer Overflow through the MavlinkLogHandler, and are triggered via MAVLink log request. The LogEntry.filepath buffer is 60 bytes, but the sscanf function parses...

CVE-2026-32705

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, the BST telemetry probe writes a string terminator using a device-provided length without bounds. A malicious BST device can report an oversized devnamelen, causing a stack overflow in the driver and crashing the task or...

PX4-Autopilot 安全漏洞

PX4-Autopilot is an open-source drone autopilot system developed by PX4. Versions of PX4-Autopilot prior to 1.17.0-rc2 contained security vulnerabilities. These vulnerabilities stemmed from the BST telemetry probe’s use of a length-based string terminator without proper boundary checks, which cou...

CVE-2026-32713

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, A logic error in the PX4 Autopilot MAVLink FTP session validation uses incorrect boolean logic && instead of ||, allowing BurstReadFile and WriteFile operations to proceed with invalid sessions or closed file descriptors...

EUVD-2026-12172

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, the Zenoh uORB subscriber allocates a stack VLA directly from the incoming payload length without bounds. A remote Zenoh publisher can send an oversized fragmented message to force an unbounded stack allocation and copy,...

EUVD-2026-12148

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, the BST telemetry probe writes a string terminator using a device-provided length without bounds. A malicious BST device can report an oversized devnamelen, causing a stack overflow in the driver and crashing the task or...

PX4 Drone Autopilot 安全漏洞

PX4 Drone Autopilot is an open-source version of the PX4 drone autopilot system. There are security vulnerabilities in versions 1.12.x to 1.15.x of PX4 Drone Autopilot, which stem from logical flaws in the mode switching mechanism. These vulnerabilities could potentially cause the drone to become...

PX4 Drone Autopilot 安全漏洞

PX4 Drone Autopilot is an open-source version of the PX4 drone autopilot system. There are security vulnerabilities in versions 1.12.x to 1.15.x of PX4 Drone Autopilot, which stem from a faulty logic protection mechanism for the power-recovery interval. These vulnerabilities could potentially lea...

EUVD-2025-205529

A vulnerability was found in PX4 PX4-Autopilot up to 1.16.0. Affected by this issue is the function MavlinkLogHandler::statelisting/MavlinkLogHandler::logentryfromid of the file src/modules/mavlink/mavlinkloghandler.cpp. The manipulation results in stack-based buffer overflow. The attack is only...

PX4 Drone Autopilot 安全漏洞

PX4 Drone Autopilot is a PX4 drone autopilot open source by PX4 Autopilot. A security vulnerability exists in PX4 Drone Autopilot version 1.16.0 and earlier, which originates in the function MavlinkLogHandler::statelisting/ in the file src/modules/mavlink/mavlinkloghandler.cpp. A stack buffer...

PX4 Drone Autopilot 资源管理错误漏洞

PX4 Drone Autopilot is a PX4 drone autopilot open source by PX4 Autopilot. A resource management error vulnerability exists in PX4 Drone Autopilot version 1.15.4 and earlier, which stems from the MavlinkReceiver::handlemessageserialcontrol function mishandling the parameter mavlinkshell, which...

PX4 Drone Autopilot 安全漏洞

PX4 Drone Autopilot is a PX4 drone autopilot open source by PX4 Autopilot. A security vulnerability exists in PX4 Drone Autopilot versions prior to 1.14.3 that stems from the presence of a stack buffer overflow vulnerability that allows an attacker to execute commands to cause the program to refu...

PX4 Drone Autopilot Security Vulnerability

PX4 Drone Autopilot is a PX4 Drone Autopilot for Drones open source. A security vulnerability exists in PX4 Drone Autopilot version v1.12.3. An attacker has exploited the vulnerability to cause a denial of service DoS via a specially crafted MavLink message...

PX4 Drone Autopilot Security Vulnerability

PX4 Drone Autopilot is a PX4 drone autopilot open-sourced by PX4 Autopilot for Drones. A security vulnerability exists in PX4 Drone Autopilot version v1.14.3, which stems from a discovery via the topicname parameter in /logger/loggedtopics.cpp that contains a buffer overflow vulnerability...

PX4 Drone Autopilot 安全漏洞

PX4 Drone Autopilot is a PX4 drone autopilot open-sourced by PX4 Autopilot for Drones. A security vulnerability exists in PX4 Drone Autopilot version v.1.14, which stems from a vulnerability that allows an attacker to exploit a functionality flaw to break through a geofence and fly a drone into a...

PX4 Drone Autopilot 安全漏洞

PX4 Drone Autopilot is a PX4 drone autopilot open source by PX4 Autopilot for Drones. A security vulnerability exists in PX4 Drone Autopilot v1.14 and earlier versions that originated from a vulnerability that allows remote attackers to execute arbitrary code and cause a denial of service DOS via...

PX4 Drone Autopilot 安全漏洞

PX4 Drone Autopilot is a PX4 drone autopilot open-sourced by PX4 Autopilot for Drones. A security vulnerability exists in PX4 Drone Autopilot version v.1.14.0, which stems from a vulnerability that allows an attacker to manipulate the flight path via the Missionblock.cpp component, resulting in a...

PX4 Drone Autopilot Security Vulnerability

PX4 Drone Autopilot is a PX4 Drone Autopilot for Drones open source. A security vulnerability exists in PX4 Autopilot version 1.14 and earlier. An attacker exploited the vulnerability to send a drone on an unexpected mission...

PX4 Drone Autopilot Security Vulnerability

PX4 Drone Autopilot is a PX4 Drone Autopilot for Drones open source. A security vulnerability exists in PX4 Drone Autopilot version 1.14 and earlier versions that stems from a lack of a synchronization mechanism for loading geofencing data...