Sign-up

VARIoT news about IoT security

Latest news

The news are found with our scripts for filtering search results.
Additional information about vulnerabilities, affected products and external identifiers are obtained with NLP and custom filters from found news.

Update Chrome now: Zero-day bug allows code execution via malicious webpages | Malwarebytes

Trust: 5.25

Fetched: March 4, 2026, 9:28 a.m., Published: Feb. 17, 2026, 12:33 p.m.
 Vulnerabilities: use after free, code execution
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome
db: NVD ids: CVE-2026-2441

Apple Just Patched Its First Zero-Day Security Vulnerability of 2026 | Lifehacker

Trust: 5.75

Fetched: March 4, 2026, 9:27 a.m., Published: Feb. 12, 2026, 6 p.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: software update
vendor: apple model: iphone
db: NVD ids: CVE-2026-20700, CVE-2025-43529, CVE-2025-14174

A worrying Wi-Fi vulnerability can bypass home and office network encryption - here's how to stay safe | TechRadar

Trust: 3.0

Fetched: March 4, 2026, 9:27 a.m., Published: Feb. 27, 2026, 3:05 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home

Australia Introduces Mandatory Cybersecurity Rules for Smart Devices (Effective 4 March 2026) - C-PRAV Group

Trust: 3.5

Fetched: March 4, 2026, 9:26 a.m., Published: March 4, 2026, 2:42 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: mesh model: mesh

Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited

Trust: 5.75

Fetched: March 4, 2026, 9:26 a.m., Published: March 3, 2026, 7:08 a.m.
 Vulnerabilities: integer overflow, privilege escalation, code execution...
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2026-21385, CVE-2026-0031, CVE-2024-43859, CVE-2026-0028, CVE-2026-0030, CVE-2026-0027, CVE-2026-0047, CVE-2026-0006, CVE-2025-48631, CVE-2026-0037, CVE-2026-0038

Google Patches Critical Qualcomm Zero-Day in Latest Android Update | Nomadic Soft

Trust: 4.5

Fetched: March 4, 2026, 9:24 a.m., Published: March 4, 2026, midnight
 Vulnerabilities: integer overflow, memory corruption
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2026-21385

Firewalls Are A Growing Security Problem - Eclypsium | Supply Chain Security for the Modern Enterprise

Trust: 4.5

Fetched: March 4, 2026, 9:22 a.m., Published: March 3, 2026, 6:25 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: cisco ios
vendor: palo model: ssl vpn
vendor: palo model: pan-os
vendor: palo model: firewall
vendor: sophos model: firewall

Firewall Vulnerability Exploitation: Why the Edge is Fraying - Malware News - Malware Analysis, News and Indicators

Trust: 4.5

Fetched: March 4, 2026, 9:22 a.m., Published: March 3, 2026, 7:15 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: cisco ios
vendor: palo model: ssl vpn
vendor: palo model: pan-os
vendor: palo model: firewall
vendor: sophos model: firewall

CVE-2026-1626 - Cisco SSH CBC Vulnerability

Trust: 3.0

Fetched: March 4, 2026, 9:21 a.m., Published: Feb. 27, 2026, 9:16 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-1626

Google Confirms Active Exploitation of Android Graphics Flaw - Delimiter Online

Trust: 5.0

Fetched: March 4, 2026, 9:19 a.m., Published: March 3, 2026, 6:48 p.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2026-21385

CVE-2026-23999 - Predictable Device Unlock PINs in Fleet Device Management Software

Trust: 3.0

Fetched: March 4, 2026, 9:18 a.m., Published: Feb. 26, 2026, 2:45 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-23999

Claude's collaboration tools allowed remote code execution • The Register

Trust: 5.75

Fetched: March 4, 2026, 9:17 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: check point model: check point
db: NVD ids: CVE-2025-59536, CVE-2026-21852

Are Smart Home Devices Safe: Every Risk and How to Neutralize It - Shield Operations

Trust: 5.25

Fetched: March 4, 2026, 9:16 a.m., Published: March 3, 2026, midnight
 Vulnerabilities: default credentials, default password
Affected productsExternal IDs
vendor: tp-link model: routers
vendor: hikvision model: hikvision
vendor: philips model: hue bridge
vendor: philips hue model: hue bridge
vendor: google model: home
vendor: google model: pixel
vendor: google model: google home
vendor: zooz model: plug
vendor: home assistant model: home assistant
vendor: samsung model: samsung
vendor: netgear model: router
vendor: asus model: router
vendor: asus model: routers
vendor: asus model: asus
vendor: lifx model: bulb
vendor: ecobee model: smart thermostat
vendor: raspberry pi model: 3
db: NVD ids: CVE-2020-6007

Hitachi REB500 Vulnerabilities CVE-2026-2459 and CVE-2026-2460: Patch to 8.3.3.1 | Windows Forum

Trust: 3.75

Fetched: March 4, 2026, 9:15 a.m., Published: March 3, 2026, 6:10 p.m.
 Vulnerabilities: directory traversal
Affected productsExternal IDs
db: NVD ids: CVE-2026-2460, CVE-2026-2459

Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability - The Network DNA: Networking, Cloud, and Security Technology Blog

Related entries in the VARIoT vulnerabilities database: VAR-202602-3258

Trust: 4.25

Fetched: March 4, 2026, 9:14 a.m., Published: Feb. 27, 2026, midnight
 Vulnerabilities: authentication bypass, denial of service
Affected productsExternal IDs
vendor: cisco model: catalyst
vendor: cisco model: vedge
vendor: cisco model: cisco sd-wan
vendor: cisco model: sd-wan vmanage
vendor: cisco model: wan manager
vendor: cisco model: sd-wan
db: NVD ids: CVE-2026-20127

CVE-2026-20127 Zero-Day Auth Bypass Exploited | Tenable®

Related entries in the VARIoT vulnerabilities database: VAR-202209-1914, VAR-202602-3258

Trust: 4.75

Fetched: March 4, 2026, 9:13 a.m., Published: Feb. 25, 2026, 6:51 p.m.
 Vulnerabilities: privilege escalation, authentication bypass
Affected productsExternal IDs
vendor: cisco model: catalyst
vendor: cisco model: cisco sd-wan
vendor: cisco model: sd-wan vmanage
vendor: cisco model: wan manager
vendor: cisco model: sd-wan
db: NVD ids: CVE-2022-20775, CVE-2026-20127

Google Confirms CVE-2026-21385 in Qualcomm Android Component Is Being Exploited

Trust: 5.5

Fetched: March 4, 2026, 9:12 a.m., Published: March 3, 2026, 8:57 a.m.
 Vulnerabilities: integer overflow, privilege escalation, memory corruption
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2026-21385, CVE-2026-0006

Android devices hit by exploited Qualcomm flaw CVE-2026-21385

Trust: 6.0

Fetched: March 4, 2026, 9:12 a.m., Published: March 3, 2026, 10:03 a.m.
 Vulnerabilities: memory corruption, integer overflow, denial of service...
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2026-21385, CVE-2026-0031, CVE-2024-43859, CVE-2026-0028, CVE-2026-0030, CVE-2026-0027, CVE-2026-0047, CVE-2026-0006, CVE-2025-48631, CVE-2026-0037, CVE-2026-0038

Google addresses actively exploited Qualcomm zero-day in fresh batch of 129 Android vulnerabilities | CyberScoop

Trust: 4.0

Fetched: March 4, 2026, 9:11 a.m., Published: March 2, 2026, 10:20 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android
db: NVD ids: CVE-2026-21385

Don’t ignore Apple’s urgent security update | 930 WFMD Free Talk

Trust: 5.75

Fetched: March 3, 2026, 9:47 a.m., Published: -
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: safari
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: ipad
vendor: apple model: watch
vendor: apple model: apple tv
db: NVD ids: CVE-2026-20700