Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.5
DJI Drone: Remote Attack Can Disable WiFi Connection
CVE-2026-26673
Summary
A security issue in DJI drones with outdated firmware can allow a hacker to shut down the WiFi connection, disrupting control and data transfer. This affects DJI Mavic Mini, Spark, Mavic Air, Mini, and Mini SE drones with firmware versions 0.1.00.0500 or earlier. Users should update their firmware to the latest version to prevent this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| dji | mavic_mini_firmware | <= 01.00.0600 | – |
| dji | spark_firmware | <= 01.00.1000 | – |
| dji | mini_se_firmware | <= 01.02.0000 | – |
Original title
An issue in DJI Mavic Mini, Spark, Mavic Air, Mini, Mini SE 0.1.00.0500 and below allows a remote attacker to cause a denial of service via the DJI Enhanced-WiFi transmission subsystem
Original description
An issue in DJI Mavic Mini, Spark, Mavic Air, Mini, Mini SE 0.1.00.0500 and below allows a remote attacker to cause a denial of service via the DJI Enhanced-WiFi transmission subsystem
nvd CVSS3.1
7.5
Vulnerability type
CWE-400
Uncontrolled Resource Consumption
- https://github.com/ByteMe1001/DJI-CatNect Exploit Third Party Advisory
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026