GCVE - cpe:2.3:a:dji:mavic_mini:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:dji:mavic_mini:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Dji (`50359ef1-ca47-54f7-8994-ba0f08c160c3`)
Product	Mavic Mini (`9b447481-05a2-5ebe-9681-cc2b6b6a0a82`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2026-1743`	vulnerable	2026-06-03 15:14:45.241195	DJI Mavic Mini/Air/Spark/Mini SE Enhanced Wi-Fi Pairing authentication replay LOW (3.1) A vulnerability has been found in DJI Mavic Mini, Air, Spark and Mini SE up to 01.00.0500. Affected by this vulnerability is an unknown functionality of the component Enhanced Wi-Fi Pairing. The manipulation leads to authentication bypass by capture-replay. The attack must be carried out from within the local network. A high degree of complexity is needed for the attack. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Published: 2026-02-02T04:02:07.053Z Updated: 2026-02-23T09:13:47.578Z Open on db.gcve.eu Reference links https://vuldb.com/?id.343674 https://vuldb.com/?ctiid.343674 https://vuldb.com/?submit.741323 https://github.com/ByteMe1001/DJI-CatNect https://github.com/ByteMe1001/DJI-CatNect/blob/main/exploit.c	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-10250`	vulnerable	2026-06-03 14:58:33.787238	DJI Mavic Spark/Mavic Air/Mavic Mini Telemetry Channel hard-coded key MEDIUM (5) A weakness has been identified in DJI Mavic Spark, Mavic Air and Mavic Mini 01.00.0500. Affected is an unknown function of the component Telemetry Channel. Executing manipulation can lead to use of hard-coded cryptographic key . The attacker needs to be present on the local network. A high complexity level is associated with this attack. The exploitability is told to be difficult. The exploit has been made available to the public and could be exploited. This vulnerability only affects products that are no longer supported by the maintainer. Published: 2025-09-11T11:32:06.456Z Updated: 2025-09-11T14:35:20.945Z Open on db.gcve.eu Reference links https://vuldb.com/?id.323609 https://vuldb.com/?ctiid.323609 https://vuldb.com/?submit.639757 https://github.com/ByteMe1001/DJI-Enhanced-WiFi-Weak-Cryptography	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.