Sign-up

VARIoT news about IoT security

Analysis Guidance Ivanti Endpoint Manager Mobile (EPMM) CVE-2026-1281 & CVE-2026-1340

Trust: 5.0

Fetched: Feb. 6, 2026, 9:32 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2026-1340, CVE-2026-1281

Command Execution Vulnerability in Some Hikvision Wireless Access Point Products - Security Advisory - Hikvision Global

Trust: 4.0

Fetched: Feb. 6, 2026, 9:32 a.m., Published: Feb. 3, 2026, midnight
 Vulnerabilities: command execution
Affected productsExternal IDs
vendor: hikvision model: hikvision

Zyxel security advisory for post-authentication command injection vulnerability in the DDNS configuration CLI command of ZLD firewalls | Zyxel Networks

Trust: 5.0

Fetched: Feb. 6, 2026, 9:31 a.m., Published: Feb. 7, 2026, midnight
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2025-11730

CyRC Discovers Critical WLAN Vulnerabilities in ASUS and TP-Link Routers (CVE-2025-14631) | Black Duck Blog

Trust: 3.75

Fetched: Feb. 6, 2026, 9:24 a.m., Published: Jan. 13, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: asus model: routers
vendor: asus model: asus
vendor: tp-link model: routers
db: NVD ids: CVE-2025-14631

Multiple TP-Link OS Command Injection Vulnerabilities Let Attackers Gain

Trust: 4.5

Fetched: Feb. 6, 2026, 9:24 a.m., Published: Feb. 5, 2026, 10:17 a.m.
 Vulnerabilities: command execution, os command injection, command injection...
Affected productsExternal IDs
vendor: wireshark model: wireshark
vendor: tp-link model: routers

Critical WatchGuard VPN Client Flaw Enables SYSTEM-Level Command Execution on Windows

Trust: 3.0

Fetched: Feb. 6, 2026, 9:23 a.m., Published: Feb. 3, 2026, midnight
 Vulnerabilities: privilege escalation, command execution
Affected productsExternal IDs

CVE-2026-20045 - Critical Remote Command Execution Vulnerability in Multiple Cisco Unified Communications Products

Trust: 4.5

Fetched: Feb. 6, 2026, 9:22 a.m., Published: Jan. 21, 2026, 4:26 p.m.
 Vulnerabilities: privilege escalation, command execution, improper validation
Affected productsExternal IDs
vendor: cisco model: unified communications
vendor: cisco model: cisco webex
vendor: cisco model: webex
db: NVD ids: CVE-2026-20045

Multiple TP-Link OS Command Injection Flaws Allow Attackers to Gain Admin Control

Trust: 5.75

Fetched: Feb. 6, 2026, 9:22 a.m., Published: Feb. 4, 2026, 1:26 p.m.
 Vulnerabilities: os command injection, command injection
Affected productsExternal IDs
vendor: google model: home
db: NVD ids: CVE-2026-22227, CVE-2026-22222, CVE-2026-22225, CVE-2026-22229, CVE-2026-22221, CVE-2026-22223, CVE-2026-0631, CVE-2026-0630, CVE-2026-22224, CVE-2026-22226

CVE-2026-24858: The vulnerability exposing your Fortinet gear

Trust: 4.25

Fetched: Feb. 6, 2026, 9:20 a.m., Published: Feb. 1, 2026, midnight
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2026-24858

Understanding Is Predictability: A Better Model for Vulnerability Management

Trust: 3.0

Fetched: Feb. 6, 2026, 9:19 a.m., Published: Feb. 3, 2026, midnight
 Vulnerabilities: sql injection
Affected productsExternal IDs

Multiple TP-Link OS Command Injection Vulnerabilities Let Attackers Gain Admin Control of the Device

Trust: 6.0

Fetched: Feb. 6, 2026, 9:19 a.m., Published: Feb. 5, 2026, 2:07 a.m.
 Vulnerabilities: os command injection, command injection
Affected productsExternal IDs
vendor: tp-link model: routers
db: NVD ids: CVE-2026-22227, CVE-2026-22222, CVE-2026-22225, CVE-2026-22229, CVE-2026-22221, CVE-2026-22223, CVE-2026-0631, CVE-2026-0630, CVE-2026-22224, CVE-2026-22226

Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability

Trust: 5.0

Fetched: Feb. 6, 2026, 9:18 a.m., Published: Feb. 4, 2026, 3:55 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: telepresence ce
vendor: cisco model: cisco telepresence
vendor: cisco model: cisco telepresence ce software
vendor: cisco model: telepresence
vendor: cisco model: telepresence ce software
vendor: cisco model: telepresence collaboration endpoint
vendor: cisco model: roomos
vendor: cisco model: cisco roomos

CVE-2026-24061 - GNU InetUtils telnetd Authentication Bypass Vulnerability

Trust: 4.75

Fetched: Feb. 6, 2026, 9:18 a.m., Published: Jan. 30, 2026, 4:15 p.m.
 Vulnerabilities: code execution, service disruption, authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2026-24061

Critical ASUSTOR NAS Security Flaw Enables Complete Device Takeover

Trust: 4.0

Fetched: Feb. 6, 2026, 9:18 a.m., Published: Feb. 4, 2026, 11:09 a.m.
 Vulnerabilities: input validation vulnerability
Affected productsExternal IDs
db: NVD ids: CVE-2026-24936

Reset your Android device to factory settings - Android Help

Trust: 3.0

Fetched: Feb. 6, 2026, 9:13 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Access Denied

Trust: 3.25

Fetched: Feb. 4, 2026, 9:33 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome

Telegram Vulnerability Exposed: Authentication Flaw | Enigma Security posted on the topic | LinkedIn

Trust: 5.25

Fetched: Feb. 4, 2026, 9:32 a.m., Published: -
 Vulnerabilities: authentication flaw
Affected productsExternal IDs
vendor: wireshark model: wireshark

Update Canonical Ubuntu Desktop: USN-7993-1: libpng vulnerabilities

Trust: 4.25

Fetched: Feb. 4, 2026, 9:32 a.m., Published: Jan. 4, 7993, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu

Update Canonical Ubuntu Desktop: USN-7999-1: Filelock vulnerabilities

Trust: 6.25

Fetched: Feb. 4, 2026, 9:31 a.m., Published: Jan. 4, 7999, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2026-22701, CVE-2025-68146

Update Canonical Ubuntu Desktop: USN-7995-1: OpenJDK 25 vulnerabilities

Trust: 4.0

Fetched: Feb. 4, 2026, 9:31 a.m., Published: Jan. 4, 7995, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2026-21932, CVE-2026-21933, CVE-2026-21945, CVE-2026-21925