Sign-up

VARIoT news about IoT security

CVE-2026-0796 - Vulnerability Details - OpenCVE

Trust: 4.75

Fetched: Jan. 27, 2026, 7:23 p.m., Published: Jan. 27, 8180, midnight
 Vulnerabilities: command injection, code execution, os command injection
Affected productsExternal IDs
db: NVD ids: CVE-2026-0796

CVE-2025-71157 - RDMA/core: always drop device refcount in ib_del_sub_device_and_put()

Trust: 3.0

Fetched: Jan. 27, 2026, 7:23 p.m., Published: Jan. 23, 2026, 3:16 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-71157

VU#650657 - Livewire Filemanager contains an insecure .php component that allows for unauthenticated RCE in Laravel Products

Trust: 4.0

Fetched: Jan. 27, 2026, 7:22 p.m., Published: Jan. 16, 2026, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-14894

iPhone Security Crisis: 80% Remain Vulnerable Despite Patches

Trust: 3.5

Fetched: Jan. 27, 2026, 7 p.m., Published: Jan. 26, 2026, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: android
vendor: apple model: safari
vendor: apple model: software update
vendor: apple model: ipad
vendor: apple model: tvos
vendor: apple model: ipad air
vendor: apple model: webkit
vendor: apple model: watchos
vendor: apple model: iphone

The Unsettling Persistence of Insecurity: Nearly 800,000 Telnet Servers Exposed to Critical Remote Attacks

Trust: 3.5

Fetched: Jan. 27, 2026, 6:59 p.m., Published: -
 Vulnerabilities: default credentials, code execution, authentication bypass
Affected productsExternal IDs

Fortinet Confirms Active Exploitation of FortiCloud SSO Authentication Bypass Vulnerability

Trust: 6.0

Fetched: Jan. 27, 2026, 6:59 p.m., Published: Jan. 23, 2026, 11:52 a.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2025-59718, CVE-2025-59719

Critical Reference Count Vulnerability in Linux Kernel - CVE-2025-71157

Trust: 5.25

Fetched: Jan. 27, 2026, 6:58 p.m., Published: Jan. 23, 2026, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2025-71157

Apple iPhone Security Alert: WebKit Flaw Threatens Mobile Commerce

Trust: 5.25

Fetched: Jan. 27, 2026, 6:58 p.m., Published: Jan. 20, 2026, midnight
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: safari
vendor: apple model: ipad
vendor: apple model: tvos
vendor: apple model: ipad air
vendor: apple model: webkit
vendor: apple model: watchos
vendor: apple model: iphone
db: NVD ids: CVE-2025-14174, CVE-2025-43529

Google Fast Pair WhisperPair flaws allow Bluetooth device hijacking | Fox News

Trust: 3.5

Fetched: Jan. 27, 2026, 6:56 p.m., Published: Jan. 27, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home
vendor: google model: pixel
vendor: google model: android
vendor: apple model: software update
vendor: apple model: iphone
vendor: oneplus model: one
vendor: oneplus model: oneplus

CVE-2026-20045 | TenableĀ®

Trust: 3.5

Fetched: Jan. 27, 2026, 6:55 p.m., Published: Jan. 22, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-20045

How to spot and stop everyday cyberattacks | PCWorld

Trust: 4.25

Fetched: Jan. 27, 2026, 6:55 p.m., Published: Jan. 27, 2026, midnight
 Vulnerabilities: default password
Affected productsExternal IDs
vendor: google model: home
vendor: google model: android
vendor: apple model: mac os

Mass Exploitation Of Fortinet FortiGate Via FortiCloud SSO Vulnerability CVE-2025-59718

Trust: 3.75

Fetched: Jan. 27, 2026, 6:54 p.m., Published: Jan. 26, 2026, 2:39 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2025-59718, CVE-2025-59719

Approve, block, unblock, or delete a managed device - Google Workspace Admin Help

Trust: 3.5

Fetched: Jan. 27, 2026, 6:53 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home
vendor: google model: android

2026 Device Vulnerabilities Surge: AI Exploits Threaten IoT and Infrastructure

Trust: 4.5

Fetched: Jan. 25, 2026, 9:29 a.m., Published: Jan. 25, 2026, midnight
 Vulnerabilities: default credentials
Affected productsExternal IDs
db: NVD ids: CVE-2026-22910, CVE-2026-22920

Fortinet FortiGate devices hit in automated attacks which create rogue accounts and steal firewall data | TechRadar

Trust: 4.0

Fetched: Jan. 25, 2026, 9:29 a.m., Published: Jan. 23, 2026, 3:25 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2025-59719, CVE-2025-59718

WhisperPair: What the New Bluetooth Fast Pair Vulnerability Means for Your Devices

Trust: 3.75

Fetched: Jan. 25, 2026, 9:27 a.m., Published: Jan. 3, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel
vendor: oneplus model: 3
vendor: oneplus model: oneplus
vendor: xiaomi model: redmi
db: NVD ids: CVE-2025-36911

Cisco Unified Communications Products Remote Code Execution Vulnerability - Cisco

Trust: 3.5

Fetched: Jan. 25, 2026, 9:24 a.m., Published: Jan. 23, 2026, 7:37 a.m.
 Vulnerabilities: code execution, improper validation
Affected productsExternal IDs
vendor: cisco model: cisco unified communications manager
vendor: cisco model: cisco unity
vendor: cisco model: unity connection
vendor: cisco model: cisco webex
vendor: cisco model: unified communications manager im & presence service
vendor: cisco model: unity
vendor: cisco model: cisco unity connection
vendor: cisco model: unified communications manager session management edition
vendor: cisco model: webex
vendor: cisco model: unified communications
vendor: cisco model: unified communications manager

Audio Accessory Flaw Turns Headphones into a Spy Device - Breach Spot

Trust: 3.0

Fetched: Jan. 25, 2026, 9:24 a.m., Published: Jan. 24, 2026, 4:15 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-36911

Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls

Trust: 4.0

Fetched: Jan. 25, 2026, 9:23 a.m., Published: Jan. 23, 2026, 12:30 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2025-59719, CVE-2025-59718

Cisco Fixes Actively Exploited Zero-Day CVE-2026-20045 in Unified CM and Webex

Trust: 4.5

Fetched: Jan. 25, 2026, 9:18 a.m., Published: Jan. 22, 2026, 4:06 a.m.
 Vulnerabilities: privilege escalation, improper validation
Affected productsExternal IDs
vendor: cisco model: asyncos software
vendor: cisco model: cisco unity
vendor: cisco model: unity connection
vendor: cisco model: unity
vendor: cisco model: cisco unity connection
vendor: cisco model: asyncos
vendor: cisco model: webex
vendor: cisco model: unified communications
db: NVD ids: CVE-2026-20045, CVE-2025-20393