CVE-2026-26011

In NAVIGATION2 (ROS 2 Navigation Framework) version 1.3.11 and earlier, a critical heap out-of-bounds write in Nav2 AMCL’s particle filter clustering can be triggered by publishing a crafted geometry_msgs/PoseWithCovarianceStamped to /initialpose, causing a negative index write into heap memory a...

CVE-2024-30962

Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the nav2amcl process...

PT-2024-28283 · Open Robotics · Ros2 +1

Name of the Vulnerable Software and Affected Versions: Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions Description: The issue is related to a use-after-free vulnerability via the nav2 amcl process. This vulnerability is triggered by remotely sending a request to change the...

PT-2024-27792 · Open Robotics · Ros2 +1

Name of the Vulnerable Software and Affected Versions: Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions Description: The issue is a buffer overflow that occurs via the nav2 amcl process. This is triggered by sending a crafted .yaml file. Recommendations: For Open Robotics...

Nav2 安全漏洞

Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2 that originates from a post-release reuse vulnerability contained in the nav2amcl process. An attacker exploiting this vulnerability could be triggered by remotely sending a request to...