CVE-2026-56111
CriticalCVSS 9.1Exploitation Probability (EPSS)
Low risk41th percentile — higher than 41% of all known CVEs
Summary
Marlin Firmware through version 2.1.2.7, with MESH_BED_LEVELING enabled, contains an out-of-bounds write vulnerability in the M421 G-code handler. This allows attackers to corrupt firmware memory by supplying out-of-range X and Y grid indices.
Risk Assessment
Attackers can send a crafted G-code command, leading to corruption of firmware variables and potentially causing denial of service or firmware state corruption. This poses a significant risk to device stability.
Recommendation
It is recommended to update to the firmware version containing the fix (commit 1f255d1) and to monitor and restrict access to interfaces that could be exploited to send malicious G-code commands.
Original NVD description (English source)
Marlin Firmware through 2.1.2.7, fixed in commit 1f255d1, when built with MESH_BED_LEVELING enabled, contains an out-of-bounds write vulnerability in the M421 G-code handler that allows attackers to corrupt firmware memory by supplying out-of-range X and Y grid indices. Attackers can send a single crafted G-code command via USB serial, network interface, or malicious gcode file to write an attacker-controlled 32-bit float value past the z_values array bounds, corrupting adjacent firmware variables and causing denial of service or firmware state corruption.

