CVE-2026-1579P2CRITICALCVSS 9.8v1.16.0·vv1.16.0 SITL2026-03-31
CVE-2026-1579 [CRITICAL] CWE-306 CVE-2026-1579: The MAVLink communication protocol does not require cryptographic authentication by default. When M
The MAVLink communication protocol does not require cryptographic
authentication by default. When MAVLink 2.0 message signing is not
enabled, any message -- including SERIAL_CONTROL, which provides
interactive shell access -- can be sent by an unauthenticated party with
access to the MAVLink interface. PX4 provides MAVLink 2.0 message
signing as the
nvd