CVE-2026-56789
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk13th percentile — higher than 13% of all known CVEs
Summary
RTKLIB through version 2.4.3 contains a heap buffer overflow vulnerability in the readrnxobsb function in src/rinex.c. Attackers can exploit this by providing a malicious RINEX file with more than 64 satellites per epoch, leading to heap buffer overflow writes and out-of-bounds stack reads, crashing RTKLIB-based applications such as rnx2rtkp and RTKPOST.
Risk Assessment
The risk involves the possibility of remotely causing system crashes by delivering a crafted RINEX file, which can disrupt navigation and geodetic applications using RTKLIB.
Recommendation
It is recommended to immediately update RTKLIB to a version newer than 2.4.3, if available, or apply a patch that limits the satellite count to 64 per epoch in the readrnxobsb function.
Original NVD description (English source)
RTKLIB through 2.4.3 contains a heap buffer overflow vulnerability in the readrnxobsb function in src/rinex.c that allows attackers to trigger memory corruption by failing to clamp satellite count values from RINEX epoch headers. Attackers can craft malicious RINEX files declaring more than 64 satellites per epoch to cause heap buffer overflow writes and out-of-bounds stack reads, crashing RTKLIB-based applications including rnx2rtkp and RTKPOST.

