Framework for Discovering GPS Spoofing Attacks in Drone Swarms

Swarm robotics, particularly drone swarms, are used in various safety-critical tasks. While a lot of attention has been given to improving swarm control algorithms for improved intelligence, the security implications of various design choices in swarm control algorithms have not been studied. We...

TriSweep: A Four-Drone Swarm Framework for Electromagnetic Side-Channel Analysis

Electromagnetic EM side-channel analysis traditionally assumes a stationary, close-proximity probe - a threat model that underestimates aerial adversaries. TriSweep is a simulation framework that designs and evaluates a four-drone swarm architecture for autonomous standoff EM-SCA of embedded...

Exploit for Stack-based Buffer Overflow in Dronecode Px4_Drone_Autopilot

CTT-Enhanced-PX4-Autopilot-Exploit-CVE-2026-32743 CVE-2026-327...

Exploit for Stack-based Buffer Overflow in Dronecode Px4_Drone_Autopilot

!CVE-2026-32707https://img.shields.io/badge/CVE-2026--32707-...

aoh (>=1.0.1 <=2.1.2), apls (>=0.0.6 <=0.1.0) +41 more potentially affected by CVE-2026-8088 via gdal (>=2.1.0 <=3.12.4)

gdal PYPI version =2.1.0, =1.0.1, =0.0.6, =0.1.1, =0.0.7, =2.0.1, =0.4.0, =0.1.0, =0.2.92, =0.9.2, =0.10.3, =0.11.0a0 and more Source cves: CVE-2026-8088 Source advisory: OSV:GHSA-J3F5-RW74-G4RV...

EUVD-2026-13003

PX4 is an open-source autopilot stack for drones and unmanned vehicles. Versions 1.17.0-rc2 and below are vulnerable to Stack-based Buffer Overflow through the MavlinkLogHandler, and are triggered via MAVLink log request. The LogEntry.filepath buffer is 60 bytes, but the sscanf function parses...

CVE-2026-32743 PX4 Autopilot: Stack-based Buffer Overflow via Oversized Path Input in MAVLink Log Request Handling

PX4 is an open-source autopilot stack for drones and unmanned vehicles. Versions 1.17.0-rc2 and below are vulnerable to Stack-based Buffer Overflow through the MavlinkLogHandler, and are triggered via MAVLink log request. The LogEntry.filepath buffer is 60 bytes, but the sscanf function parses...

CVE-2026-32705

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, the BST telemetry probe writes a string terminator using a device-provided length without bounds. A malicious BST device can report an oversized devnamelen, causing a stack overflow in the driver and crashing the task or...

PX4-Autopilot 安全漏洞

PX4-Autopilot is an open-source drone autopilot system developed by PX4. Versions of PX4-Autopilot prior to 1.17.0-rc2 contained security vulnerabilities. These vulnerabilities stemmed from the BST telemetry probe’s use of a length-based string terminator without proper boundary checks, which cou...

CVE-2026-32713

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, A logic error in the PX4 Autopilot MAVLink FTP session validation uses incorrect boolean logic && instead of ||, allowing BurstReadFile and WriteFile operations to proceed with invalid sessions or closed file descriptors...

EUVD-2026-12172

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, the Zenoh uORB subscriber allocates a stack VLA directly from the incoming payload length without bounds. A remote Zenoh publisher can send an oversized fragmented message to force an unbounded stack allocation and copy,...

EUVD-2026-12148

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, the BST telemetry probe writes a string terminator using a device-provided length without bounds. A malicious BST device can report an oversized devnamelen, causing a stack overflow in the driver and crashing the task or...

PX4 Drone Autopilot 安全漏洞

PX4 Drone Autopilot is an open-source version of the PX4 drone autopilot system. There are security vulnerabilities in versions 1.12.x to 1.15.x of PX4 Drone Autopilot, which stem from a faulty logic protection mechanism for the power-recovery interval. These vulnerabilities could potentially lea...

PX4 Drone Autopilot 安全漏洞

PX4 Drone Autopilot is an open-source version of the PX4 drone autopilot system. There are security vulnerabilities in versions 1.12.x to 1.15.x of PX4 Drone Autopilot, which stem from logical flaws in the mode switching mechanism. These vulnerabilities could potentially cause the drone to become...

From Ukraine to Iran, Hacking Security Cameras Is Now Part of War’s ‘Playbook’

New research shows hundreds of attempts by apparent Iranian state hackers to hijack consumer-grade cameras, timed to missile and drone strikes. Israel, Russia, and Ukraine have also adopted this trick...

CVE-2026-26673

An issue in DJI Mavic Mini, Spark, Mavic Air, Mini, Mini SE 0.1.00.0500 and below allows a remote attacker to cause a denial of service via the DJI Enhanced-WiFi transmission subsystem...

The El Paso No-Fly Debacle Is Just the Beginning of a Drone Defense Mess

Fears over a drug cartel drone over Texas sparked a recent airspace shutdown in El Paso and New Mexico, highlighting just how tricky it can be to deploy anti-drone weapons near cities...

Resource-Aware Deployment Optimization for Collaborative Intrusion Detection in Layered Networks

Collaborative Intrusion Detection Systems CIDS are increasingly adopted to counter cyberattacks, as their collaborative nature enables them to adapt to diverse scenarios across heterogeneous environments. As distributed critical infrastructure operates in rapidly evolving environments, such as...

Prompt Injection Via Road Signs

Interesting research: "CHAI: Command Hijacking Against Embodied AI." Abstract: Embodied Artificial Intelligence AI promises to handle edge cases in robotic vehicle systems where data is scarce by using common-sense reasoning grounded in perception and action to generalize beyond training...

EUVD-2026-5151

A vulnerability has been found in DJI Mavic Mini, Air, Spark and Mini SE up to 01.00.0500. Affected by this vulnerability is an unknown functionality of the component Enhanced Wi-Fi Pairing. The manipulation leads to authentication bypass by capture-replay. The attack must be carried out from...