Dronecode Px4_drone_autopilot

23 CVEs affecting Dronecode Px4_drone_autopilot. Latest disclosed: 2026-03-19. Critical: 0, High: 8.

Top CVEs affecting Dronecode Px4_drone_autopilot
CVESeverityScorePublishedSummary
CVE-2026-26742High8.12026-03-10PX4 Autopilot versions 1.12.x through 1.15.x contain a protection mechanism failure in the "Re-arm Grace Period" logic. The system incorrectly applies the in-a…
CVE-2026-26741High8.12026-03-10PX4 Autopilot versions 1.12.x through 1.15.x contain a logic flaw in the mode switching mechanism. When switching from Auto mode to Manual mode while the drone…
CVE-2024-40427High7.92025-01-07Stack Buffer Overflow in PX4-Autopilot v1.14.3, which allows attackers to execute commands to exploit this vulnerability and cause the program to refuse to exe…
CVE-2026-32708High7.82026-03-16PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, the Zenoh uORB subscriber allocates a stack VLA directly from the incoming payload…
CVE-2024-38952High7.52024-06-25PX4-Autopilot v1.14.3 was discovered to contain a buffer overflow via the topic_name parameter at /logger/logged_topics.cpp.
CVE-2021-46896High7.52023-07-06Buffer Overflow vulnerability in PX4-Autopilot allows attackers to cause a denial of service via handler function handling msgid 332.
CVE-2021-34125High7.52023-03-09An issue discovered in Yuneec Mantis Q and PX4-Autopilot v 1.11.3 and below allow attacker to gain access to sensitive information via various nuttx commands.
CVE-2026-32706High7.12026-03-16PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, The crsf_rc parser accepts an oversized variable-length known packet and copies it…
CVE-2026-32705Medium6.82026-03-16PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, the BST telemetry probe writes a string terminator using a device-provided length w…
CVE-2024-29460Medium6.62024-04-10An issue in PX4 Autopilot v.1.14.0 allows an attacker to manipulate the flight path allowing for crashes of the drone via the home point location of the missio…
CVE-2026-32743Medium6.52026-03-19PX4 is an open-source autopilot stack for drones and unmanned vehicles. Versions 1.17.0-rc2 and below are vulnerable to Stack-based Buffer Overflow through the…
CVE-2024-38951Medium6.52024-06-25A buffer overflow in PX4-Autopilot v1.12.3 allows attackers to cause a Denial of Service (DoS) via a crafted MavLink message.
CVE-2024-30800Medium5.62024-04-23PX4 Autopilot v.1.14 allows an attacker to fly the drone into no-fly zones by breaching the geofence using flaws in the function.
CVE-2026-32709Medium5.42026-03-16PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, An unauthenticated path traversal vulnerability in the PX4 Autopilot MAVLink FTP im…
CVE-2026-32724Medium5.32026-03-16PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc1, a heap-use-after-free is detected in the MavlinkShell::available() function. The is…
CVE-2025-15150Medium5.32025-12-28A vulnerability was found in PX4 PX4-Autopilot up to 1.16.0. Affected by this issue is the function MavlinkLogHandler::state_listing/MavlinkLogHandler::log_ent…
CVE-2026-32707Medium5.22026-03-16PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, tattu_can contains an unbounded memcpy in its multi-frame assembly loop, allowing s…
CVE-2024-30799Medium4.42024-04-22An issue in PX4 Autopilot v1.14 and before allows a remote attacker to execute arbitrary code and cause a denial of service via the Breach Return Point functio…
CVE-2023-46256Medium4.42023-10-31PX4-Autopilot provides PX4 flight control solution for drones. In versions 1.14.0-rc1 and prior, PX4-Autopilot has a heap buffer overflow vulnerability in the…
CVE-2026-32713Medium4.32026-03-16PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, A logic error in the PX4 Autopilot MAVLink FTP session validation uses incorrect bo…