Sign-up

VARIoT news about IoT security

Understanding CVE-2025-67399: Vulnerability in AIRTH SMART HOME AQI MONITOR Bootloader

Trust: 4.0

Fetched: Feb. 20, 2026, 9:25 a.m., Published: Feb. 1, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-67399

iOS 26.3 update warning highlights urgent iPhone security risk

Trust: 5.75

Fetched: Feb. 20, 2026, 9:25 a.m., Published: Feb. 15, 2026, 4:22 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: software update
vendor: apple model: webkit
db: NVD ids: CVE-2026-20700, CVE-2025-14174, CVE-2025-43529

U.S. CISA adds Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities catalog

Trust: 4.5

Fetched: Feb. 20, 2026, 9:24 a.m., Published: Feb. 19, 2026, 3:16 p.m.
 Vulnerabilities: request forgery, command execution, path traversal
Affected productsExternal IDs
vendor: google model: nexus
db: NVD ids: CVE-2021-22175, CVE-2026-22769, CVE-2020-7796

Why Should You Update to iOS 26.3 Immediately? - PUPUWEB

Trust: 4.75

Fetched: Feb. 20, 2026, 9:23 a.m., Published: Feb. 18, 2026, 7:58 a.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: google model: home
vendor: google model: android
vendor: apple model: ipad
vendor: apple model: macos
vendor: apple model: watchos
vendor: apple model: iphone
vendor: apple model: ipad air
vendor: apple model: tvos
db: NVD ids: CVE-2026-20700, CVE-2025-14174, CVE-2025-43529

CVE-2026-27199: Werkzeug Win Device Name DoS | Miggo

Trust: 3.25

Fetched: Feb. 20, 2026, 9:20 a.m., Published: Feb. 20, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-27199

Critical Flaw in Grandstream VoIP Phones Allows Remote Takeover - Delimiter Online

Trust: 5.5

Fetched: Feb. 20, 2026, 9:19 a.m., Published: Feb. 18, 2026, midnight
 Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs
vendor: grandstream networks model: gxp1600
vendor: grandstream model: gxp1600
db: NVD ids: CVE-2026-2329

CVE-2026-26991: LibreNMS Device Groups Name Stored Cross-Site Scripting Vulnerability

Trust: 3.75

Fetched: Feb. 20, 2026, 9:19 a.m., Published: Feb. 18, 2026, midnight
 Vulnerabilities: session hijacking, cross-site scripting
Affected productsExternal IDs
db: NVD ids: CVE-2026-26991

CVE-2026-20119 | Tenable®

Trust: 6.0

Fetched: Feb. 20, 2026, 9:18 a.m., Published: Feb. 4, 2026, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: roomos
vendor: cisco model: telepresence collaboration endpoint
vendor: cisco model: telepresence
vendor: cisco model: meeting
vendor: cisco model: cisco telepresence
vendor: cisco model: cisco roomos
db: NVD ids: CVE-2026-20119

Manage your Google Settings - Google Account Help

Trust: 3.0

Fetched: Feb. 20, 2026, 9:09 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

European Parliament Blocks AI Features on Corporate Devices Over Cybersecurity Concerns

Trust: 3.0

Fetched: Feb. 18, 2026, 9:25 a.m., Published: Feb. 17, 2026, 12:29 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

WhisperPair: Millions of Bluetooth Devices at Risk | OnOff.gr

Trust: 3.5

Fetched: Feb. 18, 2026, 9:24 a.m., Published: Feb. 17, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android
vendor: oneplus model: oneplus
db: NVD ids: CVE-2025-36911

Peplink Security Advisory: Balance/MAX/FusionHub Firmware 8.5.3 - Shell Command Injection Vulnerability - Announcements - Peplink Community

Trust: 5.25

Fetched: Feb. 18, 2026, 9:24 a.m., Published: Feb. 16, 2026, 2 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: peplink model: balance

CVE-2026-2567 : Buffer Overflow Vulnerability in Wavlink WL-NU516U1 Devices

Trust: 3.5

Fetched: Feb. 18, 2026, 9:23 a.m., Published: Feb. 16, 2026, 5:32 p.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2026-2567

Understanding and Mitigating Data Breaches in Mobile Devices: Insights from IT Professionals | Springer Nature Link

Trust: 3.75

Fetched: Feb. 18, 2026, 9:23 a.m., Published: Feb. 18, 2026, midnight
 Vulnerabilities: -

Fortinet Confirms Active Exploitation of FortiCloud SSO Bypass Vulnerability

Trust: 4.0

Fetched: Feb. 18, 2026, 9:22 a.m., Published: Jan. 23, 2026, 1:44 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2025-59719, CVE-2025-59718

What is Cyber Security? A Complete Beginner’s Guide

Trust: 3.25

Fetched: Feb. 18, 2026, 9:21 a.m., Published: -
 Vulnerabilities: sql injection, cross-site scripting
Affected productsExternal IDs
vendor: cisco model: sd-wan
vendor: cisco model: routers
vendor: cisco model: meeting
vendor: check point model: check point
vendor: check point model: endpoint security
vendor: palo model: networks
vendor: palo model: firewall
vendor: cisco systems model: sd-wan
vendor: cisco systems model: routers
vendor: cisco systems model: meeting
vendor: palo alto networks model: networks
vendor: palo alto networks model: firewall

Windows Notepad Vulnerability Allows Attackers to Execute Code Remotely

Trust: 4.75

Fetched: Feb. 18, 2026, 9:21 a.m., Published: Feb. 11, 2026, 5:06 a.m.
 Vulnerabilities: code execution, command injection, privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2026-20841

Critical Airleader Vulnerability Enables Remote Code Execution

Trust: 3.75

Fetched: Feb. 18, 2026, 9:21 a.m., Published: Feb. 16, 2026, 2:33 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2026-13589, CVE-2026-1358

OpenSSL Vulnerabilities Allow Remote Attackers to Execute Malicious Code

Trust: 4.75

Fetched: Feb. 18, 2026, 9:20 a.m., Published: Jan. 28, 2026, 5:52 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-69419, CVE-2025-68160, CVE-2026-22795, CVE-2025-69420, CVE-2025-15469, CVE-2025-66199, CVE-2025-11187, CVE-2025-69421, CVE-2025-15468, CVE-2026-22796, CVE-2025-15467, CVE-2025-69418

Apple releases urgent security update for iPhone iPad Mac zero-day flaw | Fox News

Trust: 4.5

Fetched: Feb. 18, 2026, 9:20 a.m., Published: Feb. 18, 2025, midnight
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: apple tv
vendor: apple model: watch
vendor: apple model: macos
vendor: apple model: safari
vendor: apple model: ipad
vendor: apple model: software update
db: NVD ids: CVE-2026-20700