Stack-based Buffer Overflow in PX4 Autopilot for Drones and Unmanned Vehicles
CVE-2026-32743
Key Information:
- Vendor: PX4
- Status: Vendor
- CVE Published: 18 March 2026
What is CVE-2026-32743?
PX4 Autopilot, the flight-control software used widely in drones and unmanned vehicles, contains a stack-based buffer overflow in its MavlinkLogHandler. The handler parses log file paths with sscanf using a conversion that has no width specifier, so a path longer than 60 characters overflows the stack buffer. An attacker with access to the MAVLink link can trigger it by creating deeply nested directories via MAVLink FTP and then requesting the log list; the overflow crashes the MAVLink task, and the vehicle loses telemetry and command capability, which amounts to a denial of service (DoS). A fix has been implemented in the latest commits.
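As an added illustration of the bug class named above (constructed for this page; it is not PX4's code and not taken from the advisory), the two sscanf patterns side by side: a parser for a hypothetical "size path" log-list line that reads the path with an unbounded %s into a 60-byte stack buffer, and the hardened form that bounds the conversion with a width specifier and uses %n to reject over-long paths instead of silently truncating them. The line format, the 60-byte buffer size, the sample inputs and all function names are assumptions.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Assumed buffer geometry: a 60-byte path buffer holds at most 59 characters
 * plus the terminating NUL. The size is taken from the advisory's "60 characters"
 * figure; the surrounding line format is made up for this example. */
#define PATH_WIDTH   59
#define PATH_MAX_LEN (PATH_WIDTH + 1)
#define STR_(x) #x
#define STR(x)  STR_(x)   /* expands PATH_WIDTH into the string "59" for the format */

/* Vulnerable pattern (constructed illustration): "%s" carries no width, so any
 * token longer than PATH_MAX_LEN-1 bytes is written past the end of path[].
 * Present only for comparison; never feed it untrusted input. */
int parse_log_entry_unsafe(const char *line, unsigned *size, char path[PATH_MAX_LEN])
{
    return sscanf(line, "%u %s", size, path) == 2 ? 0 : -1;
}

/* Hardened pattern: the width bounds the copy, and %n records how far the scan
 * got, so a token that was cut off is detected and the line rejected.
 * Returns 0 on success, -1 on a malformed line, -2 on an over-long path. */
int parse_log_entry_safe(const char *line, unsigned *size, char path[PATH_MAX_LEN])
{
    int consumed = 0;

    if (sscanf(line, "%u %" STR(PATH_WIDTH) "s%n", size, path, &consumed) != 2)
        return -1;

    /* %59s stops after 59 bytes; if the next byte is neither whitespace nor the
     * end of the line, the original token did not fit in the buffer. */
    if (line[consumed] != '\0' && !isspace((unsigned char)line[consumed]))
        return -2;

    return 0;
}

/* Constructed sample lines: one whose path fits, and one whose path is 71 bytes
 * (16 + 5*10 + 5), mimicking a deeply nested directory tree. */
const char SAMPLE_OK[]   = "4096 /fs/microsd/log/2026-03-18/12_00_00.ulg";
const char SAMPLE_LONG[] = "4096 /fs/microsd/log/"
                           "a/a/a/a/a/" "a/a/a/a/a/" "a/a/a/a/a/"
                           "a/a/a/a/a/" "a/a/a/a/a/"
                           "x.ulg";

/* Wrapper so the safe parser's verdict can be checked as a plain return value. */
int check_safe(const char *line)
{
    unsigned size = 0;
    char path[PATH_MAX_LEN] = {0};
    return parse_log_entry_safe(line, &size, path);
}

int main(void)
{
    const char *inputs[] = { SAMPLE_OK, SAMPLE_LONG, "not a log line" };
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++)
        printf("%-3d %s\n", check_safe(inputs[i]), inputs[i]);
    return 0;
}
```

The point of the %n check is that a width specifier alone only turns an overflow into a silent truncation; a truncated path is still wrong data, so the hardened parser refuses the line outright and the caller can log and skip it.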
Affected Version(s)
PX4-Autopilot <= 1.17.0-rc2
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
Timeline
- Public PoC available
- Exploit known to exist
- Vulnerability published
- Vulnerability Reserved
