PT-2026-26168 · Px4 · Px4

Zhangteng0526 · Published 2026-03-18 · Updated 2026-03-21 · CVE-2026-32743

CVSS v3.1: 6.5 (Medium)

Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

PX4 versions 1.17.0-rc2 and below

Description

PX4 is an open-source autopilot stack for drones and unmanned vehicles. A stack-based buffer overflow exists through the MavlinkLogHandler, triggered via a MAVLink log request. The LogEntry.filepath buffer is 60 bytes, but the sscanf function parses paths from the log list file without a width specifier, allowing paths exceeding 60 characters to overflow the buffer. An attacker with MAVLink link access can trigger this by creating deeply nested directories via MAVLink FTP, then requesting the log list. This causes the flight controller MAVLink task to crash, resulting in a denial-of-service (DoS) condition and loss of telemetry and command capability.

Recommendations

Versions prior to 1.17.0-rc2 should be updated.
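
The unbounded sscanf pattern described above, next to a bounded parser that rejects oversized paths. This is an added example, not PX4's code or its fix. Only the 60-byte filepath buffer comes from the advisory; the struct, the function name, the return codes and the "<time> <size> <path>" line layout are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PATH_MAX_CHARS 59                 /* 60-byte buffer minus the NUL */
#define STR2(x) #x
#define STR(x) STR2(x)

/* Hypothetical stand-in for LogEntry; only the 60-byte filepath is from the advisory. */
struct log_entry {
    uint32_t time_utc;
    uint32_t size_bytes;
    char filepath[PATH_MAX_CHARS + 1];
};

/* Unsafe pattern (comment only): sscanf(line, "%u %u %s", &t, &sz, e->filepath);
 * "%s" has no width, so a path of 60 or more characters writes past filepath. */

/* Returns 0 on success, -1 for a malformed line, -2 for a path that does not fit. */
int parse_log_line(const char *line, struct log_entry *e)
{
    unsigned int t = 0, sz = 0;
    int consumed = 0;
    char path[PATH_MAX_CHARS + 1];

    /* The width caps the write at 59 chars + NUL; %n records where parsing stopped. */
    if (sscanf(line, "%u %u %" STR(PATH_MAX_CHARS) "s%n", &t, &sz, path, &consumed) != 3)
        return -1;

    /* A non-space character right after the match means the width cut the path
     * short. Reject it instead of storing a truncated, wrong path. */
    char next = line[consumed];
    if (next != '\0' && next != ' ' && next != '\t' && next != '\r' && next != '\n')
        return -2;

    e->time_utc = t;
    e->size_bytes = sz;
    memcpy(e->filepath, path, strlen(path) + 1);
    return 0;
}

int main(void)
{
    /* Constructed sample lines; the paths and field layout are assumptions. */
    const char *ok = "1700000000 4096 /fs/microsd/log/sess001/log001.ulg\n";
    const char *deep = "1700000000 4096 /fs/microsd/log/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/log001.ulg\n";
    struct log_entry e;
    printf("ok=%d deep=%d\n", parse_log_line(ok, &e), parse_log_line(deep, &e));
    return 0;
}
```

Deriving the scan width from the same constant that sizes the buffer keeps the two from drifting apart when the struct changes.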

Exploit

Fix

Stack Overflow

Weakness Enumeration

Related Identifiers

CVE-2026-32743
GHSA-97C4-68R9-96P5

Affected Products

Px4