VARIoT latest news about IoT security

U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog Trust: 5.25 Fetched: Feb. 20, 2026, 9:44 a.m., Published: Jan. 28, 2026, 7:25 p.m.	Vulnerabilities: authentication bypass

Affected products

External IDs

db:

NVD

ids:

CVE-2026-24858

Critical CVE-2025-64712 Vulnerability in Unstructured.io Exposes Amazon and Google to Remote Code Execution Trust: 4.75 Fetched: Feb. 20, 2026, 9:43 a.m., Published: Feb. 13, 2026, 1:40 p.m.	Vulnerabilities: script injection, code execution, path traversal

Affected products

External IDs

db:

NVD

ids:

CVE-2025-64712, CVE-2025-647129

Update Canonical Ubuntu Desktop: USN-8049-1: Nova vulnerability Trust: 3.0 Fetched: Feb. 20, 2026, 9:42 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:

canonical

model:

ubuntu

Analysis of Attacks and Mitigation Techniques in IoT Environments: A Comprehensive Approach to Ensuring Security in the Era of Connectivity \| Springer Nature Link Trust: 3.25 Fetched: Feb. 20, 2026, 9:42 a.m., Published: Feb. 20, 2026, midnight	Vulnerabilities: denial of service

Affected products	External IDs

Still using WinRAR? You should probably look out for these potentially dangerous security flaws \| TechRadar Trust: 4.75 Fetched: Feb. 20, 2026, 9:41 a.m., Published: Jan. 28, 2026, 7:05 p.m.	Vulnerabilities: directory traversal, path traversal

Affected products

External IDs

db:

NVD

ids:

CVE-2025-8088

Update Canonical Ubuntu Desktop: USN-8044-1: alsa-lib vulnerability Trust: 3.75 Fetched: Feb. 20, 2026, 9:41 a.m., Published: Jan. 20, 8044, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	canonical	model:	ubuntu
vendor:	alsa	model:	alsa

CVE-2026-24834: Kata Guest VM RCE via pmem \| Miggo Trust: 4.75 Fetched: Feb. 20, 2026, 9:40 a.m., Published: Feb. 20, 2025, midnight	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2026-24834

Grandstream VoIP Phones Hacked: Critical Remote Code Execution Vulnerability (CVE-2026-2329) - Newsy Today Trust: 3.75 Fetched: Feb. 20, 2026, 9:37 a.m., Published: Feb. 19, 2026, 7:41 p.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2026-2329

Mobile Device CVEs and Security Vulnerabilities - OpenCVE Trust: 4.5 Fetched: Feb. 20, 2026, 9:37 a.m., Published: Feb. 3, 2026, midnight	Vulnerabilities: command injection, authorization vulnerability, os command injection...

Affected products

External IDs

vendor:	dell	model:	unisphere
vendor:	sonos	model:	sonos

8 VoIP Security Issues That Threaten Your Business - CloudTalk Trust: 3.75 Fetched: Feb. 20, 2026, 9:35 a.m., Published: Aug. 26, 2022, 7 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

essential

model:

phone

Critical vm2 Sandbox Vulnerability in Node.js Lets Attackers Run Untrusted Code Trust: 5.75 Fetched: Feb. 20, 2026, 9:34 a.m., Published: Jan. 27, 2026, 11:49 a.m.	Vulnerabilities: command execution, code execution, arbitrary command execution

Affected products

External IDs

vendor:

node.js

model:

node.js

db:

NVD

ids:

CVE-2026-22709

Urgent iPhone Security Update: Why You Need to Install It Now - iDefend Trust: 3.5 Fetched: Feb. 20, 2026, 9:32 a.m., Published: Feb. 17, 2026, 10:26 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	apple	model:	iphone
vendor:	apple	model:	ipad

Critical Vulnerabilities Reported in PUSR USR-W610 Industrial IoT Devices Trust: 4.25 Fetched: Feb. 20, 2026, 9:29 a.m., Published: Feb. 9, 2026, midnight	Vulnerabilities: weak password

Affected products

External IDs

db:

NVD

ids:

CVE-2026-25715, CVE-2026-26049, CVE-2026-26048, CVE-2026-24455

Cyber Threats Intensify Across Global Health Sector Trust: 3.75 Fetched: Feb. 20, 2026, 9:28 a.m., Published: Feb. 17, 2026, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

trend

model:

security

Surface Pro 10 February 2026 update is now live Trust: 3.75 Fetched: Feb. 20, 2026, 9:28 a.m., Published: Feb. 17, 2026, midnight	Vulnerabilities: information disclosure, authentication bypass, code execution...

Affected products	External IDs

Connected Device Cybersecurity: How to Meet New Consumer IoT Regulations Trust: 3.75 Fetched: Feb. 20, 2026, 9:26 a.m., Published: Feb. 7, 2026, midnight	Vulnerabilities: default credentials

Affected products	External IDs

CVE-2025-47865: Local File Inclusion Vulnerability in Trend Micro Apex Central Widget - Ameeba Exploit Tracker Trust: 5.5 Fetched: Feb. 20, 2026, 9:26 a.m., Published: Nov. 30, 0001, midnight	Vulnerabilities: local file inclusion, file inclusion, code execution

Affected products

External IDs

vendor:	trend	model:	security
vendor:	trend micro	model:	security

db:

NVD

ids:

CVE-2025-47865

Understanding CVE-2025-67399: Vulnerability in AIRTH SMART HOME AQI MONITOR Bootloader Trust: 4.0 Fetched: Feb. 20, 2026, 9:25 a.m., Published: Feb. 1, 2026, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2025-67399

iOS 26.3 update warning highlights urgent iPhone security risk Trust: 5.75 Fetched: Feb. 20, 2026, 9:25 a.m., Published: Feb. 15, 2026, 4:22 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	apple	model:	iphone
vendor:	apple	model:	software update
vendor:	apple	model:	webkit

db:

NVD

ids:

CVE-2026-20700, CVE-2025-14174, CVE-2025-43529

U.S. CISA adds Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities catalog Trust: 4.5 Fetched: Feb. 20, 2026, 9:24 a.m., Published: Feb. 19, 2026, 3:16 p.m.	Vulnerabilities: request forgery, command execution, path traversal

Affected products

External IDs

vendor:

google

model:

nexus

db:

NVD

ids:

CVE-2021-22175, CVE-2026-22769, CVE-2020-7796

VARIoT news about IoT security