Known Vulnerabilities for Yarbo by Vendor
Listed below are 5 of the newest known vulnerabilities associated with "Yarbo" by "Vendor".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-10557 json | The Yarbo Android and iOS applications contain hard-coded MQTT broker credentials that are identical for all users and all de... | Not Provided | 2026-06-12 | 2026-06-12 |
| CVE-2026-7415 json | The MQTT broker embedded in Yarbo firmware v2.3.9 is configured to allow anonymous connections with no topic-level read or wr... | Not Provided | 2026-05-07 | 2026-05-07 |
| CVE-2026-7414 json | Yarbo firmware v2.3.9 contains hardcoded administrative credentials embedded in the firmware image. These credentials are ide... | Not Provided | 2026-05-07 | 2026-05-07 |
| CVE-2026-7413 json | A hidden, persistent backdoor was found in Yarbo firmware v2.3.9 that provides remote, unauthenticated (or weakly authenticat... | Not Provided | 2026-05-07 | 2026-05-08 |
| CVE-2026-7368 json | The Yarbo cloud does not enforce per-device or per-user authorization. Any client possessing valid credentials, whether the s... | Not Provided | 2026-06-12 | 2026-06-12 |