CVE-2026-46186

A flaw was found in the Linux kernel's virtiobt Bluetooth virtual device driver. An untrusted backend can exploit this vulnerability by sending malformed Bluetooth packets with an insufficient header length. This can cause the system to read uninitialized kernel memory, potentially leading to...

CVE-2026-20650

A denial-of-service issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker in a privileged network position may be able to perform denial-of-service attack using crafted Bluetooth packets...

CVE-2026-20650

A denial-of-service issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker in a privileged network position may be able to perform denial-of-service attack using crafted Bluetooth packets...

CVE-2026-20650

A denial-of-service issue was addressed with improved validation. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker in a privileged network position may be able to perform denial-of-service attack using crafted Bluetooth packets...

CVE-2026-20650

A denial-of-service issue was addressed with improved validation. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker in a privileged network position may be able to perform denial-of-service attack using crafted Bluetooth packets...

CVE-2026-20650

A denial-of-service issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker in a privileged network position may be able to perform denial-of-service attack using crafted Bluetooth packets...

PT-2026-7781

Name of the Vulnerable Software and Affected Versions iOS versions prior to 26.3 iPadOS versions prior to 26.3 macOS versions prior to Tahoe 26.3 tvOS versions prior to 26.3 watchOS versions prior to 26.3 visionOS versions prior to 26.3 Description A denial-of-service issue exists due to...

CVE-2025-60250

Unitree Go2, G1, H1, and B2 devices through 2025-09-20 decrypt BLE packet data by using the df98b715d5c6ed2b25817b6f2554124a key and the 2841ae97419c2973296a0d4bdfe19a4f IV...

CVE-2025-5475

Sony XAV-AX8500 Bluetooth Packet Handling Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sony XAV-AX8500 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with t...

CVE-2024-48981

An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet header by looking up the identifying first byte and matching it against a table of possible lengths. The initial parsing function, hciTrSerialRxIncoming does n...

BPL Personal Weighing Scale PWS-01BT IND/09/18/599 安全漏洞

BPL Personal Weighing Scale PWS-01BT IND/09/18/599 is a personal weighing scale from BPL. A security vulnerability exists in BPL Personal Weighing Scale PWS-01BT IND/09/18/599 that originates from sending sensitive information in unencrypted BLE packets...

zephyr 安全漏洞

Zephyr is an extensible real-time operating system RTOS open-sourced by the Zephyr Project. A security vulnerability exists in zephyr 3.6 and earlier versions, which stems from a vulnerability that allows an attacker to crash a BLE device by sending a malformed gatt packet...

CVE-2023-42941

The issue was addressed with improved checks. This issue is fixed in iOS 17.2 and iPadOS 17.2. An attacker in a privileged network position may be able to perform a denial-of-service attack using crafted Bluetooth packets...

Code injection

The issue was addressed with improved checks. This issue is fixed in iOS 17.2 and iPadOS 17.2. An attacker in a privileged network position may be able to perform a denial-of-service attack using crafted Bluetooth packets...

CVE-2023-42941

The CVE-2023-42941 issue affects Bluetooth handling in iOS 17.2 and iPadOS 17.2. The root cause is insufficient checks in Bluetooth packet processing that allow an attacker in a privileged network position to trigger a denial-of-service condition. Affected software is Apple iOS 17.2 and iPadOS 17...

CVE-2023-42941

The issue was addressed with improved checks. This issue is fixed in iOS 17.2 and iPadOS 17.2. An attacker in a privileged network position may be able to perform a denial-of-service attack using crafted Bluetooth packets...

Apple iOS and iPadOS Security Vulnerabilities

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in Apple iOS version 17.2 and iPadOS version 17.2, which originates from an...

SUSE Linux Enterprise Server 安全漏洞

SUSE Linux Enterprise Server is a suite of enterprise server edition Linux operating systems from the German company SUSE. A security vulnerability exists in SUSE Linux Enterprise Server, which originates from a boundary error in the handling of the AVRCP protocol, which could allow a remote...

CVE-2023-23528

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 16.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted Bluetooth packet may result in disclosure of process memory...

Apple tvOS 缓冲区错误漏洞

Apple tvOS is an operating system for Smart TVs from Apple, Inc. Apple tvOS suffers from a buffer error vulnerability, which stems from the fact that processing maliciously crafted Bluetooth packets may result in a process memory leak...