CVE-2026-38971

ardupilot through Plane-4.6.3 was found to contain an out-of-bounds read issue in libraries/GCS_MAVLink/GCS_serial_control.cpp in GCS_MAVLINK::handle_serial_control().
Configurations

Configuration 1 (hide)

cpe:2.3:a:ardupilot:arduplane:*:*:*:*:*:*:*:*

History

09 Jul 2026, 15:16

Type Values Removed Values Added
References
  • () https://gist.github.com/quart27219/6bfcc615f89fb493d02aad480704593b -

08 Jul 2026, 18:45

Type Values Removed Values Added
CPE cpe:2.3:a:ardupilot:arduplane:*:*:*:*:*:*:*:*
References () https://github.com/ArduPilot/ardupilot - () https://github.com/ArduPilot/ardupilot - Product
References () https://github.com/ArduPilot/ardupilot/issues/32524 - () https://github.com/ArduPilot/ardupilot/issues/32524 - Exploit, Issue Tracking
References () https://github.com/ArduPilot/ardupilot/pull/32587 - () https://github.com/ArduPilot/ardupilot/pull/32587 - Issue Tracking, Patch
First Time Ardupilot arduplane
Ardupilot

06 Jul 2026, 18:16

Type Values Removed Values Added
CWE CWE-125
References () https://github.com/ArduPilot/ardupilot/issues/32524 - () https://github.com/ArduPilot/ardupilot/issues/32524 -
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.1

02 Jul 2026, 21:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-07-02 21:16

Updated : 2026-07-09 15:16


NVD link : CVE-2026-38971

Mitre link : CVE-2026-38971

CVE.ORG link : CVE-2026-38971


JSON object : View

Products Affected

ardupilot

  • arduplane
CWE
CWE-125

Out-of-bounds Read