CVE-2026-26741

HIGH

PX4 Autopilot 1.12.x-1.15.x - Logic Flaw

Title source: llm

Description

PX4 Autopilot versions 1.12.x through 1.15.x contain a logic flaw in the mode switching mechanism. When switching from Auto mode to Manual mode while the drone is in the "ARMED" state (after landing and before the automatic disarm triggered by the COM_DISARM_LAND parameter), the system lacks a throttle threshold safety check for the physical throttle stick. This flaw can directly cause the drone to lose control, experience rapid uncontrolled ascent (flyaway), and result in property damage

References (1)

Core 1

Core References

Third Party Advisory

https://github.com/npuwyw/PX4-Autopilot/blob/audit-v1.12.3-mode-transition-logic-flaw/PX4_Autopilot_Mode_Switching_Logic_Vulnerability.md

View Writeup ZIP pw:eip

Scores

CVSS v3 8.1

EPSS 0.0005

EPSS Percentile 16.1%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-862

Status published

Products (1)

dronecode/px4_drone_autopilot 1.12.0 - 1.16.0

Published Mar 10, 2026

Tracked Since Mar 11, 2026