Sign-up

VARIoT news about IoT security

Security Breach in DJI Romo Robovac

Trust: 3.5

Fetched: Feb. 15, 2026, 9:32 a.m., Published: Feb. 16, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: password manager
vendor: trend model: security

CVE-2026-23162 - drm/xe/nvm: Fix double-free on aux add failure

Trust: 3.0

Fetched: Feb. 15, 2026, 9:31 a.m., Published: Feb. 14, 2026, 4:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-23162

BeyondTrust Remote Access Products 0-Day Vulnerability Allows Remote Code Execution

Trust: 4.75

Fetched: Feb. 15, 2026, 9:30 a.m., Published: Feb. 9, 2026, 9:39 a.m.
 Vulnerabilities: command injection, code execution, os command injection
Affected productsExternal IDs
db: NVD ids: CVE-2026-1731

Active Exploitation Of Fortinet SSO Flaw Targets Firewalls For Admin Takeover

Trust: 4.0

Fetched: Feb. 15, 2026, 9:30 a.m., Published: Jan. 22, 2026, 9:06 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2025-59719, CVE-2025-59718, CVE-2024-21762

About the security content of macOS Sonoma 14.8.4 - Apple Support

Trust: 5.25

Fetched: Feb. 15, 2026, 9:29 a.m., Published: Aug. 14, 2004, midnight
 Vulnerabilities: authorization issue, process crash, bounds access issue
Affected productsExternal IDs
vendor: trend model: security
vendor: apple model: macos
vendor: trend micro model: security
db: NVD ids: CVE-2025-46303, CVE-2025-43402, CVE-2026-20602, CVE-2026-20628, CVE-2026-20634, CVE-2025-46300, CVE-2026-20617, CVE-2025-43338, CVE-2026-20680, CVE-2026-20605, CVE-2026-20625, CVE-2025-43403, CVE-2025-43417, CVE-2026-20624, CVE-2026-20621, CVE-2026-20667, CVE-2026-20653, CVE-2026-20615, CVE-2026-20675, CVE-2025-46290, CVE-2026-20641, CVE-2025-46301, CVE-2026-20616, CVE-2026-20614, CVE-2026-20671, CVE-2026-20660, CVE-2025-46310, CVE-2025-46283, CVE-2026-20606, CVE-2026-20612, CVE-2026-20677, CVE-2025-46302, CVE-2025-46305, CVE-2026-20620, CVE-2026-20609, CVE-2026-20673, CVE-2025-46304, CVE-2025-43533, CVE-2026-20611, CVE-2025-59375, CVE-2026-20627

New botnet reportedly targets HPE OneView, so be on your guard | TechRadar

Trust: 5.5

Fetched: Feb. 15, 2026, 9:28 a.m., Published: Jan. 20, 2026, 3:15 p.m.
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: check point model: check point
db: NVD ids: CVE-2025-37164

CVE-2026-23158 - gpio: virtuser: fix UAF in configfs release path

Trust: 3.25

Fetched: Feb. 15, 2026, 9:28 a.m., Published: Feb. 14, 2026, 4:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-23158

Cisco Intersight Virtual Appliance Privilege Escalation Vulnerability

Trust: 4.25

Fetched: Feb. 15, 2026, 9:27 a.m., Published: Jan. 21, 2026, 3:54 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs

Thanks to Microsoft adding all those extra features to Notepad, it now unfortunately sports one more: An exploitation vulnerability with a high security rating | PC Gamer

Trust: 5.75

Fetched: Feb. 15, 2026, 9:26 a.m., Published: Feb. 11, 2026, 11:12 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2026-20841

About the security content of macOS Sequoia 15.7.4 - Apple Support

Trust: 5.25

Fetched: Feb. 15, 2026, 9:26 a.m., Published: July 15, 2004, midnight
 Vulnerabilities: authorization issue, process crash, bounds access issue
Affected productsExternal IDs
vendor: trend model: security
vendor: apple model: macos
vendor: trend micro model: security
db: NVD ids: CVE-2025-46303, CVE-2025-43402, CVE-2026-20602, CVE-2026-20628, CVE-2026-20662, CVE-2026-20634, CVE-2025-46300, CVE-2026-20680, CVE-2026-20605, CVE-2026-20625, CVE-2025-43403, CVE-2026-20621, CVE-2026-20624, CVE-2026-20667, CVE-2026-20653, CVE-2026-20641, CVE-2026-20675, CVE-2025-46290, CVE-2025-46301, CVE-2026-20614, CVE-2026-20671, CVE-2025-46310, CVE-2026-20619, CVE-2026-20606, CVE-2026-20626, CVE-2026-20612, CVE-2025-46302, CVE-2025-46305, CVE-2026-20620, CVE-2026-20609, CVE-2026-20673, CVE-2025-46304, CVE-2025-43533, CVE-2026-20611, CVE-2025-59375

Ivanti’s EPMM is under active attack, thanks to two critical zero-days | CyberScoop

Trust: 3.75

Fetched: Feb. 15, 2026, 9:25 a.m., Published: Feb. 3, 2026, 9:14 p.m.
 Vulnerabilities: code injection
Affected productsExternal IDs
db: NVD ids: CVE-2026-1281, CVE-2025-4428, CVE-2026-1340

Apple Patches Actively Exploited Zero-Day Vulnerability Across Multiple Devices

Trust: 4.5

Fetched: Feb. 15, 2026, 9:24 a.m., Published: Feb. 3, 2026, midnight
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
vendor: google model: google chrome
vendor: google model: chrome
vendor: trend model: security
vendor: apple model: ipad
vendor: apple model: watch
vendor: apple model: software update
vendor: apple model: watchos
vendor: apple model: ipad air
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: macos
vendor: apple model: apple tv
vendor: apple model: tvos
db: NVD ids: CVE-2025-43529, CVE-2026-20700, CVE-2025-14174

Apple update fixes zero-day software vulnerability | LinkedIn

Trust: 5.5

Fetched: Feb. 15, 2026, 9:23 a.m., Published: Feb. 3, 2026, midnight
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: iphone
db: NVD ids: CVE-2026-20700

AI Medical Device Cybersecurity: Regulations & Risks | IntuitionLabs

Trust: 4.0

Fetched: Feb. 15, 2026, 9:19 a.m., Published: Feb. 14, 2026, midnight
 Vulnerabilities: denial of service, default credentials, default password
Affected productsExternal IDs
vendor: trend model: security
vendor: parallels model: tools

CISA Warns of Actively Exploited Critical VMware vCenter RCE Vulnerability

Trust: 4.75

Fetched: Feb. 15, 2026, 9:19 a.m., Published: Jan. 26, 2026, 7:22 a.m.
 Vulnerabilities: privilege escalation, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-37079

isMalicious vs Shodan: Threat Reputation vs Attack Surface Discovery | isMalicious Blog

Related entries in the VARIoT vulnerabilities database: VAR-202110-1691

Trust: 3.75

Fetched: Feb. 15, 2026, 9:16 a.m., Published: Feb. 11, 2026, 9 a.m.
 Vulnerabilities: path traversal
Affected productsExternal IDs
db: NVD ids: CVE-2021-41773

Apple Patches Actively Exploited Zero-Day Flaw | eSecurity Planet

Trust: 5.5

Fetched: Feb. 15, 2026, 9:15 a.m., Published: Feb. 12, 2026, 3:56 p.m.
 Vulnerabilities: privilege escalation, code execution
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: watchos
vendor: apple model: ipad air
vendor: apple model: iphone
vendor: apple model: macos
vendor: apple model: tvos
db: NVD ids: CVE-2025-43529, CVE-2026-20700, CVE-2025-14174

iOS 18.7.5 Security Update: 30+ Critical Fixes Explained

Trust: 5.25

Fetched: Feb. 15, 2026, 9:14 a.m., Published: Feb. 12, 2026, 7 a.m.
 Vulnerabilities: code execution, traffic interception
Affected productsExternal IDs
vendor: google model: wifi
vendor: trend model: security
vendor: apple model: ipad
vendor: apple model: itunes
vendor: apple model: webkit
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: macos
vendor: apple model: icloud
vendor: trend micro model: security
db: NVD ids: CVE-2026-20645, CVE-2026-20652, CVE-2026-20628, CVE-2026-20682, CVE-2026-20634, CVE-2025-46300, CVE-2026-20680, CVE-2026-20605, CVE-2026-20608, CVE-2026-20621, CVE-2026-20653, CVE-2026-20661, CVE-2026-20641, CVE-2026-20675, CVE-2026-20656, CVE-2026-20616, CVE-2026-20655, CVE-2026-20671, CVE-2026-20660, CVE-2026-20606, CVE-2026-20700, CVE-2026-20677, CVE-2025-46305, CVE-2025-43537, CVE-2026-20663, CVE-2026-20609, CVE-2026-20673, CVE-2026-20635, CVE-2025-43533, CVE-2026-20611, CVE-2025-59375, CVE-2026-20678, CVE-2026-20644

iOS 26.3 - Apple’s Zero-Day Patch - Is the Latest Reminder That Patching and Updates Still Matter

Trust: 3.5

Fetched: Feb. 15, 2026, 9:13 a.m., Published: Feb. 12, 2026, 1:11 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: watchos
vendor: apple model: macos
vendor: apple model: tvos
db: NVD ids: CVE-2026-20700

A Guide to Assessing Security Risk in Embedded & IoT Devices | Dojo Five

Trust: 4.5

Fetched: Feb. 15, 2026, 9:12 a.m., Published: Feb. 13, 2026, 3:19 p.m.
 Vulnerabilities: privilege escalation, code execution, buffer overflow...
Affected productsExternal IDs
db: NVD ids: CVE-2026-20876, CVE-2025-24132