Yarbo Lawn Mower Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Yarbo Lawn Mower Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2026-7414 — CVSS 9.8 (critical): Yarbo firmware v2.3.9 contains hardcoded administrative credentials embedded in the firmware image. These credentials are identical across…
CVE-2026-7415 — CVSS 9.8 (critical): The MQTT broker embedded in Yarbo firmware v2.3.9 is configured to allow anonymous connections with no topic-level read or write ACLs. Any…
CVE-2026-7413 — CVSS 7.2 (high): A hidden, persistent backdoor was found in Yarbo firmware v2.3.9 that provides remote, unauthenticated (or weakly authenticated) access to…