Sign-up

VARIoT news about IoT security

Coruna iOS Exploit Kit Compromises Thousands of iPhones | eSecurity Planet

Trust: 3.25

Fetched: March 13, 2026, 9:58 a.m., Published: March 5, 2026, 2:01 p.m.
 Vulnerabilities: code execution, privilege escalation, memory corruption
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: iphone

MediaTek Vulnerability: CMF Phone Security Broken in 45 Seconds

Trust: 3.0

Fetched: March 13, 2026, 9:55 a.m., Published: March 12, 2026, 5:24 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-20435

Apple confirms today’s iOS and iPadOS updates fix Coruna exploit - 9to5Mac

Trust: 4.25

Fetched: March 13, 2026, 9:54 a.m., Published: March 12, 2026, 12:13 a.m.
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: ipod touch
vendor: apple model: webkit
vendor: apple model: iphone
vendor: apple model: ipad
db: NVD ids: CVE-2023-41974, CVE-2023-43010, CVE-2024-23222, CVE-2023-43000

Fortinet Authentication Bypass Vulnerabilities Exploited - Léargas Security

Trust: 5.0

Fetched: March 13, 2026, 9:53 a.m., Published: March 10, 2026, 7:46 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2026-24858, CVE-2025-59718, CVE-2025-59719

CVE-2026-24295: Patch Windows Device Association Service Local Privilege Escalation | Windows Forum

Trust: 4.5

Fetched: March 13, 2026, 9:46 a.m., Published: March 10, 2026, 6:54 p.m.
 Vulnerabilities: code execution, privilege escalation, memory corruption
Affected productsExternal IDs
db: NVD ids: CVE-2026-24295

CVE-2026-20046 - Cisco IOS XR Software CLI Privilege Escalation Vulnerability

Trust: 5.75

Fetched: March 13, 2026, 9:44 a.m., Published: March 11, 2026, 5:16 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: cisco model: ios xr software
vendor: cisco model: ios xr
vendor: cisco model: cisco ios xr
vendor: cisco model: cisco ios
db: NVD ids: CVE-2026-20046

Microsoft: Microsoft Authenticator could leak login codes-update your app now

Trust: 3.75

Fetched: March 13, 2026, 9:31 a.m., Published: March 12, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2026-26123

MediaTek Security Flaw Threatens Data on Millions of Android Devices - FilmoGaz

Trust: 3.75

Fetched: March 13, 2026, 9:30 a.m., Published: March 12, 2026, 8:03 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: android
vendor: samsung model: samsung
vendor: oneplus model: oneplus
db: NVD ids: CVE-2026-20435

CVE-2026-28472: CVE-2026-28472: Device Identity Verification Bypass in OpenClaw Gateway WebSocket Handshake | CVEReports

Trust: 3.25

Fetched: March 13, 2026, 9:30 a.m., Published: March 5, 2026, 9:59 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-28472

Vulnerability found: SSH Prefix Truncation Vulnerability (Terrapin)

Trust: 3.0

Fetched: March 11, 2026, 9:57 a.m., Published: Aug. 2, 2007, midnight
 Vulnerabilities: os command injection, code execution, command injection...
Affected productsExternal IDs
db: NVD ids: CVE-2025-26465, CVE-2025-61984, CVE-2023-51385, CVE-2023-38408, CVE-2023-51384, CVE-2023-48795

CVE-2025-58107: Microsoft Exchange EAS Vulnerability Exposes Sensitive Samsung Device Data - NS Toolkit

Trust: 3.75

Fetched: March 11, 2026, 9:56 a.m., Published: March 3, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: samsung mobile
vendor: samsung model: mobile
vendor: samsung model: samsung
vendor: samsung model: mobile devices
db: NVD ids: CVE-2025-58107

CVE-2026-2460: REB500 Privilege Escalation Vulnerability

Trust: 3.75

Fetched: March 11, 2026, 9:55 a.m., Published: March 11, 2026, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2026-2460

‎m17 R2, BIOS installer blocked, vulnerable driver amifldrv64.sys | DELL Technologies

Trust: 3.25

Fetched: March 11, 2026, 9:53 a.m., Published: March 1, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

Cisco Secure Firewall Management Center Software Command Injection Vulnerability - Cisco

Trust: 5.25

Fetched: March 11, 2026, 9:50 a.m., Published: March 5, 2026, 1:14 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: cisco model: asa software

Chrome Releases: 2026

Trust: 4.75

Fetched: March 11, 2026, 9:48 a.m., Published: March 11, 2026, midnight
 Vulnerabilities: buffer overflow, integer overflow
Affected productsExternal IDs
vendor: google model: chrome
db: NVD ids: CVE-2026-3537, CVE-2026-3540, CVE-2026-3536, CVE-2026-3545, CVE-2026-3541, CVE-2026-3543, CVE-2026-3544, CVE-2026-3542, CVE-2026-3538, CVE-2026-3539

Zyxel Patches Critical Vulnerability in Many Device Models - OODAloop

Trust: 4.25

Fetched: March 11, 2026, 9:46 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs

Android's March 2026 security patch fixes over 100 flaws, one under targeted exploitation - Help Net Security

Trust: 5.75

Fetched: March 11, 2026, 9:43 a.m., Published: March 3, 2026, 9:38 a.m.
 Vulnerabilities: privilege escalation, code execution, information disclosure
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2026-0028, CVE-2025-48631, CVE-2026-0006, CVE-2026-21385, CVE-2026-0031, CVE-2024-43859, CVE-2026-0037, CVE-2026-0038, CVE-2026-0047, CVE-2026-0027, CVE-2026-0030

Advanced Cyber Security Incident Investigation for Smart Home Devices

Trust: 3.0

Fetched: March 11, 2026, 9:40 a.m., Published: March 11, 2026, 9:40 a.m.
 Vulnerabilities: -
Affected productsExternal IDs

ERROR: The request could not be satisfied

Trust: 3.25

Fetched: March 11, 2026, 9:31 a.m., Published: -
 Vulnerabilities: configuration error
Affected productsExternal IDs

Microsoft Patch Tuesday, March 2026 Security Update Review - Qualys ThreatPROTECT

Trust: 5.0

Fetched: March 11, 2026, 9:24 a.m., Published: -
 Vulnerabilities: pointer dereference flaw, code execution, information disclosure...
Affected productsExternal IDs
db: NVD ids: CVE-2026-26132, CVE-2026-21262, CVE-2026-26144, CVE-2026-24294, CVE-2026-25187, CVE-2026-26113, CVE-2026-26127, CVE-2026-26110, CVE-2026-23651, CVE-2026-26122, CVE-2026-26124, CVE-2026-24291, CVE-2026-23668, CVE-2026-26125, CVE-2026-21536, CVE-2026-24289