This page lists publicly disclosed CVE vulnerabilities affecting dronecode px4_drone_autopilot (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-46256 | PX4-Autopilot provides PX4 flight control solution for drones. In versions 1.14.0-rc1 and prior, PX4-Autopilot has a heap buffer overflow vulnerability in the parser function due to the absence of `parserbuf_index` value checking. A malfunction of the sensor device can cause a heap buffer overflow with leading unexpected drone behavior. Malicious applications can exploit the vulnerability even if device sensor malfunction does not occur. Up to the maximum value of an `unsigned int`, bytes sized | [email protected] | 4.4 | 0.63% | 2023-10-31 | 2026-06-17 |
| CVE-2021-46896 | Buffer Overflow vulnerability in PX4-Autopilot allows attackers to cause a denial of service via handler function handling msgid 332. | [email protected] | 7.5 | 0.68% | 2023-07-06 | 2026-06-17 |
| CVE-2021-34125 | An issue discovered in Yuneec Mantis Q and PX4-Autopilot v 1.11.3 and below allow attacker to gain access to sensitive information via various nuttx commands. | [email protected] | 7.5 | 0.96% | 2023-03-09 | 2026-06-16 |