Openrobotics Robot Operating System — known CVE vulnerabilities
Every CVE whose affected-product data names Openrobotics Robot Operating System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (32)
CVE-2024-44852 — CVSS 9.8 (critical): Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a segmentation violation via the component…
CVE-2024-41645 — CVSS 9.8 (critical): Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute…
CVE-2024-41646 — CVSS 9.8 (critical): Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute…
CVE-2024-41647 — CVSS 9.8 (critical): Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute…
CVE-2024-41648 — CVSS 9.8 (critical): Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute…
CVE-2024-41649 — CVSS 9.8 (critical): Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute…
CVE-2024-41650 — CVSS 9.8 (critical): Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute…
CVE-2024-38921 — CVSS 9.8 (critical): Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl…
CVE-2024-38922 — CVSS 9.8 (critical): Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble version was discovered to contain a heap overflow in the nav2_amcl process…
CVE-2024-38923 — CVSS 9.8 (critical): Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl…
CVE-2024-38924 — CVSS 9.8 (critical): Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl…
CVE-2024-38925 — CVSS 9.8 (critical): Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl…
CVE-2024-38926 — CVSS 9.8 (critical): Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl…
CVE-2024-38927 — CVSS 9.8 (critical): Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl…
CVE-2024-41644 — CVSS 9.8 (critical): Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute…
CVE-2024-25198 — CVSS 9.1 (critical): Inappropriate pointer order of laser_scan_filter_.reset() and tf_listener_.reset() (amcl_node.cpp) in Open Robotics Robotic Operating…
CVE-2020-10289 — CVSS 8.8 (high): Use of unsafe yaml load. Allows instantiation of arbitrary objects. The flaw itself is caused by an unsafe parsing of YAML values which…
CVE-2024-25199 — CVSS 8.1 (high): Inappropriate pointer order of map_sub_ and map_free(map_) (amcl_node.cpp) in Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2…
CVE-2025-3753 — CVSS 7.8 (high): A code execution vulnerability has been identified in the Robot Operating System (ROS) 'rosbag' tool, affecting ROS distributions Noetic…
CVE-2024-30961 — CVSS 7.8 (high): Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2- ROS2-humble and navigation 2-humble…
CVE-2024-30962 — CVSS 7.8 (high): Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2- ROS2-humble and navigation 2-humble allows a…
CVE-2024-39289 — CVSS 7.8 (high): A code execution vulnerability has been discovered in the Robot Operating System (ROS) 'rosparam' tool, affecting ROS distributions Noetic…
CVE-2024-39780 — CVSS 7.8 (high): A YAML deserialization vulnerability was found in the Robot Operating System (ROS) 'dynparam', a command-line tool for getting, setting…
CVE-2024-39835 — CVSS 7.8 (high): A code injection vulnerability has been identified in the Robot Operating System (ROS) 'roslaunch' command-line tool, affecting ROS…
CVE-2024-41148 — CVSS 7.8 (high): A code injection vulnerability has been discovered in the Robot Operating System (ROS) 'rostopic' command-line tool, affecting ROS…
CVE-2024-41921 — CVSS 7.8 (high): A code injection vulnerability has been discovered in the Robot Operating System (ROS) 'rostopic' command-line tool, affecting ROS…
CVE-2024-44853 — CVSS 7.5 (high): Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL pointer dereference via the component…
CVE-2024-44854 — CVSS 7.5 (high): Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL pointer dereference via the component…
CVE-2024-44855 — CVSS 7.5 (high): Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL pointer dereference via the component…
CVE-2024-44856 — CVSS 7.5 (high): Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL pointer dereference via the component…
CVE-2024-25197 — CVSS 6.5 (medium): Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions were discovered to contain a NULL pointer dereference via the…
CVE-2024-25196 — CVSS 3.3 (low): Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions were discovered to contain a buffer overflow via the…