CVE-2026-32708 in PX4-Autopilot정보

요약

\~에 의해 MITRE • 2026. 03. 16.

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, the Zenoh uORB subscriber allocates a stack VLA directly from the incoming payload length without bounds. A remote Zenoh publisher can send an oversized fragmented message to force an unbounded stack allocation and copy, causing a stack overflow and crash of the Zenoh bridge task. This vulnerability is fixed in 1.17.0-rc2.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

책임이 있는

GitHub M

예약하다

2026. 03. 13.

공개

2026. 03. 16.

모더레이션

수락

항목

VDB-351045

CPE

준비됨

CWE

CWE-121 (확인됨)

CVSS

8.0 (NVD)

EPSS

0.00021

KEV

아니요

활동

매우 낮음

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-32708
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-32708
CVE Details	https://www.cvedetails.com/cve/CVE-2026-32708/

◂ 이전 개요 다음 ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!