Saved February 14, 2026
This article details security vulnerabilities in Airoha-based Bluetooth headphones that allow attackers to connect without authentication. It discusses three specific CVEs and their implications, including the potential for eavesdropping through compromised devices. Technical details and a verification tool are also provided for further research.
About six months ago, security researchers flagged vulnerabilities in Airoha-based Bluetooth headphones and earbuds, delaying full technical disclosure to give manufacturers time to address the issues. Now, they've released details on three specific vulnerabilities: CVE-2025-20700, CVE-2025-20701, and CVE-2025-20702. Along with the blog post, there's a white paper and a toolkit called RACE Toolkit, designed for users and researchers to check if their devices are affected.
Airoha is a major supplier in the Bluetooth audio market, especially for True Wireless Stereo (TWS) earbuds. The vulnerabilities stem from RACE, Airoha's custom Bluetooth protocol, which exposes device memory without requiring any authentication. This means an attacker within Bluetooth range can manipulate the device's RAM and flash memory and potentially eavesdrop on conversations by abusing the Bluetooth Hands-Free Profile (HFP).
The article provides a technical overview of Bluetooth protocols, explaining the differences between Bluetooth Classic and Bluetooth Low Energy (BLE), including how pairing and addressing work. It highlights that many Airoha devices do not enforce authentication protocols properly, leaving them exposed. Understanding these vulnerabilities is crucial for users to safeguard their devices and for vendors to develop effective patches.