CVE-2026-34126 Bluetooth Communication Uses Unencrypted Transmission During Initial Setup on TP-Link's Tapo L535E, P300 and D100C

TP-Link has identified a vulnerability in Tapo L535E v1.0 and v3.0, Tapo P300 v1.0, and Tapo D100C v1.0, where Bluetooth communication during the initial setup phase is transmitted in cleartext without encryption. Bluetooth is only used during initialization. An attacker within the Bluetooth rang...

PT-2026-44456

TP-Link has identified a vulnerability in Tapo L535E v1.0 and v3.0, Tapo P300 v1.0, and Tapo D100C v1.0, where Bluetooth communication during the initial setup phase is transmitted in cleartext without encryption. Bluetooth is only used during initialization. An attacker within the Bluetooth rang...

CVE-2025-24836 Qardio Heart Health IOS and Android Application and QardioARM A100 Uncaught Exception

With a specially crafted Python script, an attacker could send continuous startMeasurement commands over an unencrypted Bluetooth connection to the affected device. This would prevent the device from connecting to a clinician's app to take patient readings and ostensibly flood it with requests,...

CVE-2025-24836

CVE-2025-24836 affects Qardio Heart Health iOS/Android apps and QardioARM A100 hardware. A specially crafted Python script can send continuous startMeasurement commands over an unencrypted Bluetooth connection, preventing the device from linking with a clinician’s app and flooding it with request...

CVE-2025-24836 Qardio Heart Health IOS and Android Application and QardioARM A100 Uncaught Exception

With a specially crafted Python script, an attacker could send continuous startMeasurement commands over an unencrypted Bluetooth connection to the affected device. This would prevent the device from connecting to a clinician's app to take patient readings and ostensibly flood it with requests,...

Qardio Heart Health 安全漏洞

Qardio Heart Health is a heart monitoring management software from Qardio, Inc. in the United States. A security vulnerability exists in Qardio Heart Health that stems from the use of a specially crafted Python script that sends successive startMeasurement commands to an affected device over an...

BPL Personal Weighing Scale PWS-01BT IND/09/18/599 安全漏洞

BPL Personal Weighing Scale PWS-01BT IND/09/18/599 is a personal weighing scale from BPL. A security vulnerability exists in BPL Personal Weighing Scale PWS-01BT IND/09/18/599 that originates from sending sensitive information in unencrypted BLE packets...

CVE-2021-31615

CVE-2021-31615 describes a vulnerability in BLE baseband handling where unencrypted Bluetooth Low Energy links (Bluetooth Core Specifications 4.0–5.2) may allow an adjacent device to inject a crafted packet during the listen window, enabling full MITM status before the transmitter begins its pack...

CVE-2020-11539

An issue was discovered on Tata Sonata Smart SF Rush 1.12 devices. It has been identified that the smart band has no pairing mode 0 Bluetooth LE security level The data being transmitted over the air is not encrypted. Adding to this, the data being sent to the smart band doesn't have any...