VARIoT latest news about IoT security

Check for Windows 11 updates. Microsoft patched a big vulnerability. \| Mashable Trust: 3.0 Fetched: Feb. 17, 2026, 9:29 a.m., Published: Feb. 12, 2026, 5:19 p.m.	Vulnerabilities: code execution

Affected products	External IDs

Root Cause Analysis & PoC Exploit for CVE-2026-24061 \| SafeBreach Trust: 3.75 Fetched: Feb. 17, 2026, 9:28 a.m., Published: Jan. 28, 2026, 6:25 a.m.	Vulnerabilities: command execution

Affected products

External IDs

db:

NVD

ids:

CVE-2026-24061

Access Blocked - SecNews.gr Trust: 3.25 Fetched: Feb. 17, 2026, 9:27 a.m., Published: -	Vulnerabilities: sql injection

Affected products	External IDs

Apple releases updates for iPhone, iPad, Mac, and Apple Watch Trust: 3.75 Fetched: Feb. 17, 2026, 9:25 a.m., Published: Feb. 16, 2026, 9:37 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	macos
vendor:	apple	model:	macbook
vendor:	apple	model:	watchos
vendor:	apple	model:	iphone
vendor:	apple	model:	watch
vendor:	apple	model:	macbook air
vendor:	apple	model:	macbook pro
vendor:	apple	model:	ipad air
vendor:	apple	model:	ipad
vendor:	google	model:	android

db:

NVD

ids:

CVE-2026-20700

CISA Warns of ZLAN ICS Devices Vulnerabilities Allows Complete Device Takeover \| Cryptika Cybersecurity Trust: 3.25 Fetched: Feb. 17, 2026, 9:20 a.m., Published: Feb. 16, 2026, 10:07 a.m.	Vulnerabilities: request forgery, cross-site scripting, sql injection...

Affected products

External IDs

vendor:	trend micro	model:	security
vendor:	trend micro	model:	antivirus
vendor:	mandriva	model:	linux
vendor:	palo	model:	networks
vendor:	palo	model:	firewall
vendor:	essential	model:	phone
vendor:	symantec	model:	advanced threat protection
vendor:	symantec	model:	antivirus
vendor:	symantec	model:	norton
vendor:	trendmicro	model:	security
vendor:	trendmicro	model:	antivirus
vendor:	sophos	model:	cyberoam
vendor:	sophos	model:	anti-virus
vendor:	sophos	model:	firewall
vendor:	cisco	model:	network access control
vendor:	cisco	model:	meeting
vendor:	cisco	model:	series
vendor:	cisco	model:	security manager
vendor:	cisco	model:	advanced malware protection
vendor:	trend	model:	security
vendor:	trend	model:	antivirus

CISA Alerts on Critical ZLAN ICS Flaws Enabling Full Device Takeover Trust: 5.0 Fetched: Feb. 17, 2026, 9:20 a.m., Published: Feb. 16, 2026, 9:34 a.m.	Vulnerabilities: authentication bypass

Affected products

External IDs

db:

NVD

ids:

CVE-2026-247899, CVE-2026-24789, CVE-2026-250849, CVE-2026-25084

High-Severity Chrome 0-Day Vulnerability Enables Remote Code Execution - Tech Edu Byte Trust: 4.5 Fetched: Feb. 17, 2026, 9:19 a.m., Published: Feb. 16, 2026, 9:31 a.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	google	model:	google chrome
vendor:	google	model:	chrome

Bluetooth Devices and Your Privacy: What You Need to Know Trust: 3.5 Fetched: Feb. 17, 2026, 9:19 a.m., Published: Feb. 16, 2026, 2:39 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	mesh	model:	mesh
vendor:	google	model:	home
vendor:	trend	model:	security

db:

NVD

ids:

CVE-2025-36911

Critical Memory Dereference Vulnerability in Linux Kernel: CVE-2026-23009 Trust: 3.0 Fetched: Feb. 17, 2026, 9:17 a.m., Published: Jan. 25, 2026, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2026-23009

CVE-2026-0229 PAN-OS: Denial of Service in Advanced DNS Security Feature Trust: 4.75 Fetched: Feb. 17, 2026, 9:17 a.m., Published: Feb. 11, 2026, 5 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	palo	model:	firewall
vendor:	palo	model:	networks
vendor:	palo	model:	pan-os
vendor:	palo_alto_networks	model:	firewall
vendor:	palo_alto_networks	model:	networks
vendor:	palo_alto_networks	model:	pan-os
vendor:	palo alto networks	model:	firewall
vendor:	palo alto networks	model:	networks
vendor:	palo alto networks	model:	pan-os

db:

NVD

ids:

CVE-2026-0229

CVE-2026-20841 - Command Injection Vulnerability in Windows Notepad App - How Attackers Can Exploit It Trust: 4.75 Fetched: Feb. 17, 2026, 9:16 a.m., Published: Feb. 10, 2026, 5:51 p.m.	Vulnerabilities: command injection

Affected products

External IDs

db:

NVD

ids:

CVE-2026-20841

CISA Warns: ZLAN ICS Device Flaws Enable Full Takeover Trust: 3.0 Fetched: Feb. 17, 2026, 9:16 a.m., Published: Feb. 16, 2026, 7:41 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2026-247899, CVE-2026-24789, CVE-2026-250849, CVE-2026-25084

LangChain: Langchain Community SSRF Bypass Vulnerability Exposes Internal Services to Unauthorized Access Trust: 5.0 Fetched: Feb. 17, 2026, 9:15 a.m., Published: Feb. 17, 2026, midnight	Vulnerabilities: request forgery

Affected products

External IDs

db:

NVD

ids:

CVE-2026-26019

Microsoft rolled out February 2026 firmware updates for Surface Pro 9 Trust: 4.75 Fetched: Feb. 17, 2026, 9:14 a.m., Published: Feb. 12, 2026, midnight	Vulnerabilities: information disclosure, authentication bypass, code execution...

Affected products

External IDs

db:

NVD

ids:

CVE-2024-44074, CVE-2025-47367, CVE-2022-36392, CVE-2025-47355, CVE-2022-38102, CVE-2025-27075

An Experiment on Exploiting the Device Cloning Cyber-Physical Vulnerability in IoT Systems \| Springer Nature Link Trust: 3.75 Fetched: Feb. 17, 2026, 9:14 a.m., Published: Feb. 17, 2026, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	home
vendor:	trend	model:	security

ZLAN Information Technology Co.: CISA Alerts on Critical ZLAN ICS Flaws Enabling Full Device Takeover Trust: 4.0 Fetched: Feb. 17, 2026, 9:13 a.m., Published: Feb. 16, 2026, midnight	Vulnerabilities: authentication bypass

Affected products

External IDs

db:

NVD

ids:

CVE-2026-24789, CVE-2026-25084

CISA Issues Alert on ZLAN ICS Flaws Enabling Full Device Takeover Trust: 5.0 Fetched: Feb. 17, 2026, 9:13 a.m., Published: Feb. 16, 2026, 6:29 a.m.	Vulnerabilities: authentication bypass

Affected products

External IDs

db:

NVD

ids:

CVE-2026-247899, CVE-2026-250849

Find, secure, or erase a lost Android device - Google Account Help Trust: 3.0 Fetched: Feb. 17, 2026, 9:11 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

CVE-2026-23173 - net/mlx5e: TC, delete flows only for existing peers Trust: 3.0 Fetched: Feb. 15, 2026, 9:45 a.m., Published: Feb. 14, 2026, 4:15 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2026-23173

HPE Aruba Flaw Exposes Networking Devices to Privilege Escalation and DoS Attacks Trust: 5.0 Fetched: Feb. 15, 2026, 9:42 a.m., Published: Feb. 3, 2026, midnight	Vulnerabilities: privilege escalation, improper access control, authentication bypass

Affected products

External IDs

db:

NVD

ids:

CVE-2026-23595, CVE-2026-23597, CVE-2026-23598, CVE-2026-23596

VARIoT news about IoT security