Sign-up

VARIoT news about IoT security

Update Canonical Ubuntu Desktop: USN-7973-1: cJSON vulnerabilities

Trust: 6.0

Fetched: Jan. 30, 2026, 9:43 a.m., Published: Jan. 30, 7973, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2023-53154, CVE-2025-57052, CVE-2023-26819

Update Canonical Ubuntu Server: USN-7977-1: Git LFS vulnerabilities

Trust: 4.0

Fetched: Jan. 30, 2026, 9:42 a.m., Published: Jan. 30, 7977, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2024-53263, CVE-2025-26625

Update Canonical Ubuntu Desktop: USN-7981-1: wlc vulnerabilities

Trust: 4.25

Fetched: Jan. 30, 2026, 9:42 a.m., Published: Jan. 30, 7981, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2026-22250, CVE-2026-22251

H-ISAC TLP White Active Exploitations of an Authentication Bypass Vulnerability | AHA

Trust: 3.25

Fetched: Jan. 30, 2026, 9:42 a.m., Published: Jan. 28, 2026, 2:13 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs

Why Default Passwords Are Still the Biggest Cybersecurity Risk in 2026 - Shunyatax Global

Trust: 4.0

Fetched: Jan. 30, 2026, 9:41 a.m., Published: Jan. 30, 2026, midnight
 Vulnerabilities: default credentials
Affected productsExternal IDs

Update Canonical Ubuntu Desktop: USN-7980-1: OpenSSL vulnerabilities

Trust: 6.0

Fetched: Jan. 30, 2026, 9:39 a.m., Published: Jan. 30, 7980, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2025-15467, CVE-2025-69418, CVE-2025-68160, CVE-2025-66199, CVE-2025-11187, CVE-2026-22795, CVE-2026-22796, CVE-2025-15468, CVE-2025-69421, CVE-2025-69420, CVE-2025-69419, CVE-2025-15469

Multiple Vulnerabilities in Ivanti Endpoint Manager Mobile Could Allow for Remote Code Execution

Trust: 3.0

Fetched: Jan. 30, 2026, 9:35 a.m., Published: Jan. 30, 2026, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

CVE-2025-26785: Critical Buffer Overflow Vulnerability in Samsung Mobile and Wearable Processors - Ameeba Exploit Tracker

Trust: 5.5

Fetched: Jan. 30, 2026, 9:35 a.m., Published: Nov. 30, 0001, midnight
 Vulnerabilities: code execution, system crash, buffer overflow
Affected productsExternal IDs
vendor: samsung model: mobile
vendor: samsung model: samsung
vendor: samsung model: samsung mobile
vendor: samsung model: exynos
db: NVD ids: CVE-2025-26785

XSS vulnerability in LiveHelperChat and CVE-2026-0483

Trust: 4.75

Fetched: Jan. 30, 2026, 9:34 a.m., Published: Jan. 28, 2026, 9:32 a.m.
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
db: NVD ids: CVE-2026-0483

CVE-2025-15543 - Read-Only Root Access via USB Storage Device in TP-Link VX800v

Trust: 3.0

Fetched: Jan. 30, 2026, 9:33 a.m., Published: Jan. 29, 2026, 7:16 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-15543

Fortinet 2026 FortiCloud SSO Authentication Bypass Breach

Trust: 5.0

Fetched: Jan. 30, 2026, 9:32 a.m., Published: Jan. 30, 2026, midnight
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2026-24858

CVE-2025-48647 : Memory Overwrite Vulnerability in Google Pixel Products

Trust: 6.25

Fetched: Jan. 30, 2026, 9:29 a.m., Published: Jan. 16, 2026, 6:19 p.m.
 Vulnerabilities: memory overwrite
Affected productsExternal IDs
vendor: google model: pixel
db: NVD ids: CVE-2025-48647

Microsoft rolled out new firmware updates (January 26, 2026) for Surface Pro 10

Trust: 3.75

Fetched: Jan. 30, 2026, 9:28 a.m., Published: Jan. 26, 2026, midnight
 Vulnerabilities: information disclosure, denial of service, authentication bypass
Affected productsExternal IDs

Smile, You’re Being Hacked: Nozomi Networks Labs Finds Five New Flaws in Hanwha Wisenet Cameras

Trust: 4.5

Fetched: Jan. 30, 2026, 9:27 a.m., Published: Jan. 28, 2026, midnight
 Vulnerabilities: code execution, command execution, default credentials...
Affected productsExternal IDs
db: NVD ids: CVE-2025-52599, CVE-2025-52601, CVE-2025-52600, CVE-2025-52598, CVE-2025-8075

3,280,081 Fortinet Devices Online With Exposed Web Properties Under Risk

Trust: 6.25

Fetched: Jan. 30, 2026, 9:26 a.m., Published: Jan. 30, 2026, midnight
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2026-24858

CVE-2026-24858 | Tenable®

Trust: 4.25

Fetched: Jan. 30, 2026, 9:25 a.m., Published: July 6, 2000, midnight
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2026-24858

3.28 Million Fortinet Devices at Risk Due to Exposed Web Properties

Trust: 4.25

Fetched: Jan. 30, 2026, 9:24 a.m., Published: Jan. 30, 2026, 6:35 a.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2026-24858

Ivanti Patches Two Exploited Zero-Days In Mobile Manager

Trust: 4.75

Fetched: Jan. 30, 2026, 9:23 a.m., Published: Jan. 30, 2026, 8:51 a.m.
 Vulnerabilities: code injection
Affected productsExternal IDs
db: NVD ids: CVE-2026-1340, CVE-2026-1281

TP-Link Archer Router Flaw Exposes Users to Remote Attacks and Full Device Control

Trust: 6.0

Fetched: Jan. 30, 2026, 9:23 a.m., Published: Jan. 28, 2026, 11:10 a.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: google model: home
db: NVD ids: CVE-2025-14756

Fortinet Releases Guidance to Address Ongoing Exploitation of Authentication Bypass Vulnerability CVE-2026-24858 | CISA

Trust: 6.0

Fetched: Jan. 30, 2026, 9:22 a.m., Published: -
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2025-59719, CVE-2025-59718, CVE-2026-24858