SEC Consult SA-20260427-0 :: Missing TLS Certificate Validation leading to RCE in DeskTime Time Tracking App
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 29SEC Consult Vulnerability Lab Security Advisory < 20260427-0 >
=======================================================================
title: Missing TLS Certificate Validation leading to RCE
product: DeskTime Time Tracking App
vulnerable version: 1.3.671
fixed version: -
CVE number: CVE-2025-10539
impact: medium
homepage:https://desktime.com...
