xiaomi CVE Vulnerabilities & CVE List (2)

Products (CPE): — CVEs: 2

xiaomi vulnerability overview

This page aggregates publicly disclosed CVE and security risk information related to xiaomi, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.

Vulnerability distribution trend (last 24 months)

Showing 12 of 2 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2026-29515 MiCode FileExplorer contains an authentication bypass vulnerability in the embedded SwiFTP FTP server component that allows network attackers to log in without valid credentials. Attackers can send arbitrary username and password combinations to the PASS command handler, which unconditionally grants access and allows listing, reading, writing, and deleting files exposed by the FTP server. The MiCode/Explorer open source project has reached end-of-life status. [email protected] 9.3 0.48% 2026-03-11 2026-06-17
CVE-2011-4697 The Xiaomi MiTalk Messenger (com.xiaomi.channel) application before 2.1.320 for Android does not properly protect data, which allows remote attackers to read or modify messaging information via a crafted application. [email protected] 6.4 1.14% 2012-01-24 2026-06-16
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence