Byteme1001

#17073of 53,630
15.6Total CVSS
Vulnerabilities · 3
Low
1
Medium
1
High
1
PT-2026-22938
7.5
2026-03-04
Dji · Dji Mini Se · CVE-2026-26673
**Name of the Vulnerable Software and Affected Versions** DJI Mavic Mini versions 0.1.00.0500 and below DJI Spark versions 0.1.00.0500 and below DJI Mavic Air versions 0.1.00.0500 and below DJI Mini versions 0.1.00.0500 and below DJI Mini SE versions 0.1.00.0500 and below **Description** A flaw exists in the DJI Enhanced-WiFi transmission subsystem that allows a remote attacker to trigger a denial of service. **Recommendations** Update DJI Mavic Mini to a version later than 0.1.00.0500. Update DJI Spark to a version later than 0.1.00.0500. Update DJI Mavic Air to a version later than 0.1.00.0500. Update DJI Mini to a version later than 0.1.00.0500. Update DJI Mini SE to a version later than 0.1.00.0500.
PT-2026-5602
3.1
2026-02-02
Dji · Dji Spark · CVE-2026-1743
**Name of the Vulnerable Software and Affected Versions** DJI Mavic Mini versions prior to 01.00.0500 DJI Spark versions prior to 01.00.0500 DJI Mini SE versions prior to 01.00.0500 DJI Air versions prior to 01.00.0500 **Description** A flaw exists in the Enhanced Wi-Fi Pairing component that allows for authentication bypass through a capture-replay attack. The attack requires local network access and a high degree of complexity, making exploitation difficult. The exploit is publicly available. The vendor was informed of this issue but did not provide a response. **Recommendations** Update DJI Mavic Mini to version 01.00.0500 or later. Update DJI Spark to version 01.00.0500 or later. Update DJI Mini SE to version 01.00.0500 or later. Update DJI Air to version 01.00.0500 or later.
PT-2025-37174
5.0
2025-09-11
Dji · Mavic Air · CVE-2025-10250
Name of the Vulnerable Software and Affected Versions: DJI Mavic Spark version 01.00.0500 DJI Mavic Air version 01.00.0500 DJI Mavic Mini version 01.00.0500 Description: A weakness exists in the Telemetry Channel component due to the use of a hard-coded cryptographic key. An attacker present on the local network can exploit this issue. The exploitability is considered difficult and the exploit has been publicly released. This vulnerability only affects products that are no longer supported. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.