CVE-2026-2246
📋 TL;DR
A memory corruption vulnerability in the AprilRobotics apriltag library, versions up to 3.4.5, affects the apriltag_detector_detect function in apriltag.c. An attacker with local access can trigger it to crash the calling process (denial of service) or potentially execute arbitrary code in that process's context.
💻 Affected Systems
- AprilRobotics apriltag library
⚠️ Manual Verification Required
The NVD entry for this CVE carries no affected-version range, so automatic vulnerability matching cannot determine whether your system is affected.
Why? The vendor/NVD record gives no version ranges; the "up to 3.4.5" figure in the summary above should be confirmed against your actual build (see How to Verify).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Arbitrary code execution in the context of the process that calls apriltag; if that process runs with elevated privileges, local privilege escalation leading to full system compromise or persistent backdoor installation
Likely Case
Application crash (denial of service) or limited memory corruption affecting apriltag functionality
If Mitigated
Minimal impact if proper sandboxing and privilege separation are implemented
🎯 Exploit Status
A reproducer is publicly available in a GitHub repository (see References), making exploitation straightforward for an attacker with local access
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Any build that includes commit cfac2f5ce1ffe2de25967eb1ab80bc5d99fc1a61 (3.4.6 and later)
Vendor Advisory (fix commit): https://github.com/AprilRobotics/apriltag/commit/cfac2f5ce1ffe2de25967eb1ab80bc5d99fc1a61
Restart Required: Yes
Instructions:
1. Update the apriltag library to a build that includes commit cfac2f5ce1ffe2de25967eb1ab80bc5d99fc1a61 (3.4.6 or later)
2. Rebuild (or relink) every application that links the apriltag library, including statically linked binaries and language bindings that bundle it
3. Restart affected services or applications
🔧 Temporary Workarounds
Restrict local access
Limit local user access to systems running vulnerable apriltag applications, and avoid feeding the detector input supplied by untrusted local users
Application sandboxing
Run apriltag applications in containers or sandboxes, as an unprivileged user with no capabilities, so that a compromised process cannot escalate
docker run --security-opt=no-new-privileges --cap-drop=ALL --user 1000:1000 -it your_apriltag_app
🧯 If You Can't Patch
- Implement strict access controls to limit local user privileges
- Monitor systems for unusual process behavior or crashes related to apriltag applications
🔍 How to Verify
Check if Vulnerable:
The system is vulnerable if the apriltag library version is 3.4.5 or earlier, or if the build does not contain commit cfac2f5ce1ffe2de25967eb1ab80bc5d99fc1a61
Check Version:
Check your package manager, the library's build metadata, or the source tree you built from for the version; note that vendored or statically linked copies will not show up in the package manager
Verify Fix Applied:
Verify that the apriltag library in use includes commit cfac2f5ce1ffe2de25967eb1ab80bc5d99fc1a61 or is version 3.4.6 or later, and that every dependent application has been rebuilt against it
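The checks above, as an added example script (not code from the apriltag project or from this advisory). It assumes, beyond what the page states, that an installed apriltag exposes its version to pkg-config under the name "apriltag", that a source tree carries the version as "project(apriltag VERSION x.y.z ...)" in CMakeLists.txt, and that a git checkout can be inspected with git. The fix commit and the 3.4.6 cutoff are taken from the advisory.

```shell
#!/bin/sh
# Added example for this advisory; not code from the apriltag project.
# Assumptions (not stated on the page): pkg-config knows the library as
# "apriltag", and a source tree names its version in CMakeLists.txt as
# "project(apriltag VERSION x.y.z ...)". Set APRILTAG_SRC to point at a
# source checkout when the library is vendored rather than installed.
FIX_COMMIT=cfac2f5ce1ffe2de25967eb1ab80bc5d99fc1a61   # fix commit from the advisory
FIRST_FIXED=3.4.6                                     # first fixed version from the advisory

# Print the numeric major, minor and patch fields of a version string,
# defaulting missing fields to 0 (so "3.4" compares as 3.4.0).
vfields() {
    printf '%s\n' "$1" | {
        IFS=. read -r maj min pat _
        printf '%d %d %d\n' "${maj:-0}" "${min:-0}" "${pat:-0}"
    }
}

# version_lt A B: exit 0 when A < B numerically (no reliance on sort -V).
version_lt() {
    set -- $(vfields "$1") $(vfields "$2")
    [ "$1" -lt "$4" ] && return 0
    [ "$1" -gt "$4" ] && return 1
    [ "$2" -lt "$5" ] && return 0
    [ "$2" -gt "$5" ] && return 1
    [ "$3" -lt "$6" ]
}

# Print "vulnerable" or "fixed" for a version string.
status_for_version() {
    if version_lt "$1" "$FIRST_FIXED"; then echo vulnerable; else echo fixed; fi
}

# For a git checkout in $1: exit 0 when the fix commit is an ancestor of HEAD.
# A shallow clone may not contain the commit and will then report "lacks".
checkout_has_fix() {
    git -C "$1" merge-base --is-ancestor "$FIX_COMMIT" HEAD 2>/dev/null
}

# Version from a source tree's CMakeLists.txt (assumed project(... VERSION x.y.z) form).
version_from_cmake() {
    sed -n 's/.*project(apriltag[^)]*VERSION \([0-9.]*\).*/\1/p' "$1/CMakeLists.txt" 2>/dev/null | head -n1
}

main_check() {
    src=${APRILTAG_SRC:-.}
    if ver=$(pkg-config --modversion apriltag 2>/dev/null) && [ -n "$ver" ]; then
        echo "installed apriltag $ver: $(status_for_version "$ver")"
    elif [ -d "$src/.git" ]; then
        if checkout_has_fix "$src"; then
            echo "checkout $src contains $FIX_COMMIT: fixed"
        else
            echo "checkout $src lacks $FIX_COMMIT (or is shallow): vulnerable"
        fi
    elif ver=$(version_from_cmake "$src") && [ -n "$ver" ]; then
        echo "source tree $src is apriltag $ver: $(status_for_version "$ver")"
    else
        echo "could not determine apriltag version; set APRILTAG_SRC to the source tree"
    fi
}

main_check
```

The commit-ancestry check is the more reliable of the two, since a distribution package may backport the fix without bumping the version; when you only have a version number, treat anything below 3.4.6 as unpatched unless the packager's changelog says otherwise.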
📡 Detection & Monitoring
Log Indicators:
- Segmentation faults or memory corruption errors in apriltag applications (kernel segfault messages in dmesg or the journal naming libapriltag, glibc heap-corruption aborts, sanitizer reports)
- Unexpected process termination of apriltag-related services
Network Indicators:
- None - this is a local vulnerability
SIEM Query:
Abnormal process termination (SIGSEGV, SIGBUS, SIGABRT) for applications linking apriltag OR memory access violation alerts whose faulting module is libapriltag
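The log indicators above, turned into a filter over kernel fault messages, as an added example (not code from the apriltag project or from this advisory). The log lines embedded in the script are constructed for the example in the format the Linux kernel uses for segfault and general-protection-fault reports; the process names, PIDs and addresses are made up.

```shell
#!/bin/sh
# Added example for this advisory; not code from the apriltag project.
# Filters Linux kernel fault messages (dmesg / journalctl -k format) down to
# those whose faulting module is apriltag code. SAMPLE_LOG is constructed for
# the example; in use, pipe `journalctl -k --no-pager` or `dmesg` into the filter.
SAMPLE_LOG='[12345.678901] apriltag_demo[4242]: segfault at 0 ip 00007f3a1c2b4d10 sp 00007ffd2e1c9a40 error 4 in libapriltag.so.3[7f3a1c2a0000+3c000]
[12346.000000] sshd[999]: segfault at 8 ip 0000556a1b2c3d40 sp 00007ffe12345678 error 6 in sshd[556a1b200000+a0000]
[12347.111111] traps: my_robot_node[5151] general protection fault ip:7f00deadbeef sp:7ffcbeefdead error:0 in libapriltag.so.3[7f00deada000+3c000]
[12348.222222] python3[6060]: segfault at 10 ip 00007f1122334455 sp 00007ffdaabbccdd error 4 in apriltag.cpython-311-x86_64-linux-gnu.so[7f1122300000+10000]'

# Read log lines on stdin; keep segfault / general-protection-fault lines whose
# "in <module>" field is libapriltag or a Python apriltag extension module.
# The process name is deliberately not matched: a crash in a host application
# (a ROS node, a Python interpreter) still counts when the fault is in apriltag code.
apriltag_fault_lines() {
    grep -E '(segfault at|general protection fault).* in (lib)?apriltag[^ ]*\.so'
}

# Reduce each matching line to "<process> <pid>" for alerting or counting.
summarize_apriltag_faults() {
    apriltag_fault_lines | while IFS= read -r line; do
        printf '%s\n' "$line" \
            | grep -oE '[A-Za-z0-9_.-]+\[[0-9]+\]' | head -n1 \
            | sed -E 's/\[([0-9]+)\]$/ \1/'
    done
}

# Number of apriltag faults in the constructed sample (sshd's crash is excluded).
count_sample_faults() {
    printf '%s\n' "$SAMPLE_LOG" | apriltag_fault_lines | wc -l | tr -d ' '
}

printf '%s\n' "$SAMPLE_LOG" | summarize_apriltag_faults
```

Matching on the faulting module rather than the process name is the point: the crash may surface in whatever binary embeds the library, so an alert keyed on a fixed process name would miss it. A single fault is a reliability signal; repeated faults from the same host in a short window, especially with varying instruction pointers, is the pattern to page on.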
🔗 References
- https://github.com/AprilRobotics/apriltag/
- https://github.com/AprilRobotics/apriltag/commit/cfac2f5ce1ffe2de25967eb1ab80bc5d99fc1a61
- https://github.com/AprilRobotics/apriltag/issues/422
- https://github.com/AprilRobotics/apriltag/issues/422#issuecomment-3797661933
- https://github.com/oneafter/0120/blob/main/repro
- https://vuldb.com/?ctiid.344994
- https://vuldb.com/?id.344994
- https://vuldb.com/?submit.753162