CVE-2026-26673

HIGH

DJI Mavic Mini/Spark/Air <0.1.00.0500 - DoS

Title source: llm

Description

An issue in DJI Mavic Mini, Spark, Mavic Air, Mini, Mini SE 0.1.00.0500 and below allows a remote attacker to cause a denial of service via the DJI Enhanced-WiFi transmission subsystem

References (1)

[Various Sources] https://github.com/ByteMe1001/DJI-CatNect

View Writeup ZIP pw:eip

Scores

CVSS v3 7.5

EPSS 0.0012

EPSS Percentile 30.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-400

Status published

Affected Products (3)

dji/mavic_mini_firmware < 01.00.0600

dji/spark_firmware < 01.00.1000

dji/mini_se_firmware < 01.02.0000

Timeline

Published Mar 04, 2026

Tracked Since Mar 04, 2026