Sign-up

VARIoT news about IoT security

CISA Warns of ZLAN ICS Devices Vulnerabilities Allows Complete Device Takeover

Trust: 5.0

Fetched: Feb. 22, 2026, 9:19 a.m., Published: Feb. 16, 2026, 10:07 a.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2026-247899, CVE-2026-250849

Socomec DIRIS M-70 Gateway: Six Critical DoS Vulnerabilities Exposed

Related entries in the VARIoT vulnerabilities database: VAR-202512-0007, VAR-202512-0181

Trust: 4.75

Fetched: Feb. 22, 2026, 9:19 a.m., Published: Feb. 21, 2026, 4:12 a.m.
 Vulnerabilities: integer overflow
Affected productsExternal IDs
vendor: cisco model: access points
vendor: snort model: snort
db: NVD ids: CVE-2025-548517, CVE-2025-552227, CVE-2025-548507, CVE-2025-548487, CVE-2025-548497, CVE-2025-54848, CVE-2025-55222, CVE-2025-552217

Microsoft Windows 11 KB5077181 Update Triggers Infinite Restart Loop on Some Devices

Trust: 4.0

Fetched: Feb. 22, 2026, 9:18 a.m., Published: Feb. 16, 2026, 3:10 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2026-215338, CVE-2026-215197, CVE-2026-208417, CVE-2026-215107

CVE-2026-26991: LibreNMS Device Group Name XSS | Miggo

Trust: 5.25

Fetched: Feb. 22, 2026, 9:18 a.m., Published: Feb. 22, 2025, midnight
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
db: NVD ids: CVE-2026-26991

DoS Flaws Exposed In Socomec DIRIS M-70 IIoT Device Through Fuzzing

Related entries in the VARIoT vulnerabilities database: VAR-202512-0005, VAR-202512-0008

Trust: 3.75

Fetched: Feb. 22, 2026, 9:17 a.m., Published: Feb. 20, 2026, 11:25 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-54850, CVE-2025-548497, CVE-2025-548487, CVE-2025-552217, CVE-2025-54851

CVE-2026-27199: Werkzeug Vulnerability in safe_join Function Allows Windows Special Device Names

Trust: 4.0

Fetched: Feb. 22, 2026, 9:16 a.m., Published: Feb. 20, 2026, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2026-27199

Saiba mais sobre o Android Device Configuration Service - Ajuda do Android

Trust: 3.0

Fetched: Feb. 22, 2026, 9:14 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Manage your Google Settings - Google Account Help

Trust: 3.0

Fetched: Feb. 22, 2026, 9:14 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

IP Phone Cisco CP-6821-3PCC-K9 z podstawką i słuchawką (bez zasilacza) | Sprawdzony Sprzęt IT | Device

Trust: 3.0

Fetched: Feb. 22, 2026, 9:12 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: ip phone

Don't ignore Apple's urgent security update - AOL

Trust: 4.5

Fetched: Feb. 20, 2026, 9:48 a.m., Published: Feb. 17, 2026, 7:32 p.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: safari
vendor: apple model: macos
vendor: apple model: apple tv
vendor: apple model: iphone
vendor: apple model: watch
vendor: apple model: ipad
db: NVD ids: CVE-2026-20700

CISA: Fortinet Releases Guidance to Address Ongoing Exploitation of Authentication Bypass Vulnerability CVE-2026-24858 - Cyber Security Review

Trust: 5.5

Fetched: Feb. 20, 2026, 9:47 a.m., Published: Jan. 28, 2026, 8:42 a.m.
 Vulnerabilities: authentication bypass, code execution
Affected productsExternal IDs
vendor: cisco systems model: routers
vendor: cisco systems model: series
vendor: cisco model: routers
vendor: cisco model: series
vendor: apple model: safari
vendor: apple model: macos
vendor: apple model: watchos
vendor: apple model: software update
vendor: apple model: tvos
db: NVD ids: CVE-2026-24858, CVE-2025-59718, CVE-2025-59719

CVE-2026-20662 - Apple macOS Lock Screen Information Disclosure Vulnerability

Trust: 5.75

Fetched: Feb. 20, 2026, 9:45 a.m., Published: Feb. 11, 2026, 11:16 p.m.
 Vulnerabilities: information disclosure, authorization issue
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2026-20662

U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog

Trust: 5.25

Fetched: Feb. 20, 2026, 9:44 a.m., Published: Jan. 28, 2026, 7:25 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2026-24858

Critical CVE-2025-64712 Vulnerability in Unstructured.io Exposes Amazon and Google to Remote Code Execution

Trust: 4.75

Fetched: Feb. 20, 2026, 9:43 a.m., Published: Feb. 13, 2026, 1:40 p.m.
 Vulnerabilities: script injection, code execution, path traversal
Affected productsExternal IDs
db: NVD ids: CVE-2025-64712, CVE-2025-647129

Update Canonical Ubuntu Desktop: USN-8049-1: Nova vulnerability

Trust: 3.0

Fetched: Feb. 20, 2026, 9:42 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu

Analysis of Attacks and Mitigation Techniques in IoT Environments: A Comprehensive Approach to Ensuring Security in the Era of Connectivity | Springer Nature Link

Trust: 3.25

Fetched: Feb. 20, 2026, 9:42 a.m., Published: Feb. 20, 2026, midnight
 Vulnerabilities: denial of service

Still using WinRAR? You should probably look out for these potentially dangerous security flaws | TechRadar

Trust: 4.75

Fetched: Feb. 20, 2026, 9:41 a.m., Published: Jan. 28, 2026, 7:05 p.m.
 Vulnerabilities: directory traversal, path traversal
Affected productsExternal IDs
db: NVD ids: CVE-2025-8088

Update Canonical Ubuntu Desktop: USN-8044-1: alsa-lib vulnerability

Trust: 3.75

Fetched: Feb. 20, 2026, 9:41 a.m., Published: Jan. 20, 8044, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu
vendor: alsa model: alsa

CVE-2026-24834: Kata Guest VM RCE via pmem | Miggo

Trust: 4.75

Fetched: Feb. 20, 2026, 9:40 a.m., Published: Feb. 20, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2026-24834

Grandstream VoIP Phones Hacked: Critical Remote Code Execution Vulnerability (CVE-2026-2329) - Newsy Today

Trust: 3.75

Fetched: Feb. 20, 2026, 9:37 a.m., Published: Feb. 19, 2026, 7:41 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2026-2329