VARIoT latest news about IoT security

Apple Patches Actively Exploited Zero-day CVE-2026-20700 In Dyld Across IOS, MacOS And Other Platforms Trust: 4.25 Fetched: Feb. 17, 2026, 9:34 a.m., Published: Feb. 16, 2026, 9:36 a.m.	Vulnerabilities: memory corruption, code execution, privilege escalation

Affected products

External IDs

vendor:	apple	model:	macos
vendor:	apple	model:	watchos
vendor:	apple	model:	iphone
vendor:	apple	model:	tvos
vendor:	apple	model:	safari
vendor:	apple	model:	ipad
vendor:	trend	model:	security

db:

NVD

ids:

CVE-2025-14174, CVE-2026-20700, CVE-2025-43529

Shelly Security Vulnerability: Check This Setting Now Trust: 3.0 Fetched: Feb. 17, 2026, 9:33 a.m., Published: Feb. 16, 2026, 3:45 p.m.	Vulnerabilities: -

Affected products	External IDs

Joomla Vulnerabilities in Novarain/Tassos Framework Expose SQL Injection Risks Trust: 4.0 Fetched: Feb. 17, 2026, 9:33 a.m., Published: Feb. 3, 2026, midnight	Vulnerabilities: code execution, sql injection

Affected products	External IDs

expo-device 56.0.0-canary-20260212-4f61309 vulnerabilities \| Snyk Trust: 3.5 Fetched: Feb. 17, 2026, 9:33 a.m., Published: Feb. 2, 2026, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

canary

model:

canary

CISA Warns of ZLAN ICS Devices Vulnerabilities Allows Complete Device Takeover - HEAL Security Inc. - Cyber Threat Intelligence for the Healthcare Sector Trust: 4.0 Fetched: Feb. 17, 2026, 9:32 a.m., Published: Feb. 16, 2026, 10:07 a.m.	Vulnerabilities: authentication bypass

Affected products

External IDs

db:

NVD

ids:

CVE-2026-247899, CVE-2026-250849

CVE-2020-36981 : Unquoted Service Path Vulnerability in Motorola Device Manager Trust: 4.25 Fetched: Feb. 17, 2026, 9:31 a.m., Published: Jan. 27, 2026, 6:51 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

motorola

model:

motorola

db:

NVD

ids:

CVE-2020-36981

CISA Warns of Microsoft Configuration Manager SQL Injection Vulnerability Exploited in Attacks Trust: 4.75 Fetched: Feb. 17, 2026, 9:31 a.m., Published: Feb. 14, 2026, 3:27 a.m.	Vulnerabilities: code execution, sql injection

Affected products

External IDs

db:

NVD

ids:

CVE-2024-43468

Check for Windows 11 updates. Microsoft patched a big vulnerability. \| Mashable Trust: 3.0 Fetched: Feb. 17, 2026, 9:29 a.m., Published: Feb. 12, 2026, 5:19 p.m.	Vulnerabilities: code execution

Affected products	External IDs

Root Cause Analysis & PoC Exploit for CVE-2026-24061 \| SafeBreach Trust: 3.75 Fetched: Feb. 17, 2026, 9:28 a.m., Published: Jan. 28, 2026, 6:25 a.m.	Vulnerabilities: command execution

Affected products

External IDs

db:

NVD

ids:

CVE-2026-24061

Access Blocked - SecNews.gr Trust: 3.25 Fetched: Feb. 17, 2026, 9:27 a.m., Published: -	Vulnerabilities: sql injection

Affected products	External IDs

CVE-2026-23181 - btrfs: sync read disk super and set block size Trust: 3.0 Fetched: Feb. 17, 2026, 9:26 a.m., Published: Feb. 14, 2026, 5:15 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2026-23181

Apple releases updates for iPhone, iPad, Mac, and Apple Watch Trust: 3.75 Fetched: Feb. 17, 2026, 9:25 a.m., Published: Feb. 16, 2026, 9:37 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	macos
vendor:	apple	model:	macbook
vendor:	apple	model:	watchos
vendor:	apple	model:	iphone
vendor:	apple	model:	watch
vendor:	apple	model:	macbook air
vendor:	apple	model:	macbook pro
vendor:	apple	model:	ipad air
vendor:	apple	model:	ipad
vendor:	google	model:	android

db:

NVD

ids:

CVE-2026-20700

CISA Warns of ZLAN ICS Devices Vulnerabilities Allows Complete Device Takeover \| Cryptika Cybersecurity Trust: 3.25 Fetched: Feb. 17, 2026, 9:20 a.m., Published: Feb. 16, 2026, 10:07 a.m.	Vulnerabilities: request forgery, cross-site scripting, sql injection...

Affected products

External IDs

vendor:	trend micro	model:	security
vendor:	trend micro	model:	antivirus
vendor:	mandriva	model:	linux
vendor:	palo	model:	networks
vendor:	palo	model:	firewall
vendor:	essential	model:	phone
vendor:	symantec	model:	advanced threat protection
vendor:	symantec	model:	antivirus
vendor:	symantec	model:	norton
vendor:	trendmicro	model:	security
vendor:	trendmicro	model:	antivirus
vendor:	sophos	model:	cyberoam
vendor:	sophos	model:	anti-virus
vendor:	sophos	model:	firewall
vendor:	cisco	model:	network access control
vendor:	cisco	model:	meeting
vendor:	cisco	model:	series
vendor:	cisco	model:	security manager
vendor:	cisco	model:	advanced malware protection
vendor:	trend	model:	security
vendor:	trend	model:	antivirus

CISA Alerts on Critical ZLAN ICS Flaws Enabling Full Device Takeover Trust: 5.0 Fetched: Feb. 17, 2026, 9:20 a.m., Published: Feb. 16, 2026, 9:34 a.m.	Vulnerabilities: authentication bypass

Affected products

External IDs

db:

NVD

ids:

CVE-2026-247899, CVE-2026-24789, CVE-2026-250849, CVE-2026-25084

High-Severity Chrome 0-Day Vulnerability Enables Remote Code Execution - Tech Edu Byte Trust: 4.5 Fetched: Feb. 17, 2026, 9:19 a.m., Published: Feb. 16, 2026, 9:31 a.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	google	model:	google chrome
vendor:	google	model:	chrome

Bluetooth Devices and Your Privacy: What You Need to Know Trust: 3.5 Fetched: Feb. 17, 2026, 9:19 a.m., Published: Feb. 16, 2026, 2:39 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	mesh	model:	mesh
vendor:	google	model:	home
vendor:	trend	model:	security

db:

NVD

ids:

CVE-2025-36911

Critical Memory Dereference Vulnerability in Linux Kernel: CVE-2026-23009 Trust: 3.0 Fetched: Feb. 17, 2026, 9:17 a.m., Published: Jan. 25, 2026, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2026-23009

CVE-2026-0229 PAN-OS: Denial of Service in Advanced DNS Security Feature Trust: 4.75 Fetched: Feb. 17, 2026, 9:17 a.m., Published: Feb. 11, 2026, 5 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	palo	model:	firewall
vendor:	palo	model:	networks
vendor:	palo	model:	pan-os
vendor:	palo_alto_networks	model:	firewall
vendor:	palo_alto_networks	model:	networks
vendor:	palo_alto_networks	model:	pan-os
vendor:	palo alto networks	model:	firewall
vendor:	palo alto networks	model:	networks
vendor:	palo alto networks	model:	pan-os

db:

NVD

ids:

CVE-2026-0229

CVE-2026-20841 - Command Injection Vulnerability in Windows Notepad App - How Attackers Can Exploit It Trust: 4.75 Fetched: Feb. 17, 2026, 9:16 a.m., Published: Feb. 10, 2026, 5:51 p.m.	Vulnerabilities: command injection

Affected products

External IDs

db:

NVD

ids:

CVE-2026-20841

CISA Warns: ZLAN ICS Device Flaws Enable Full Takeover Trust: 3.0 Fetched: Feb. 17, 2026, 9:16 a.m., Published: Feb. 16, 2026, 7:41 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2026-247899, CVE-2026-24789, CVE-2026-250849, CVE-2026-25084

VARIoT news about IoT security