Full Disclosure
SEC Consult SA-20260218-0 :: Multiple Critical Vulnerabilities in NesterSoft WorkTime (on-prem/cloud) 22 February 2026 at 18:03

SEC Consult SA-20260218-0 :: Multiple Critical Vulnerabilities in NesterSoft WorkTime (on-prem/cloud)

22 February 2026 at 18:03

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Feb 22

SEC Consult Vulnerability Lab Security Advisory < 20260218-0 >
=======================================================================
title: Multiple Critical Vulnerabilities
product: NesterSoft WorkTime (on-prem/cloud)
vulnerable version: <= 11.8.8
fixed version: No patch available, vendor unresponsive.
CVE number: CVE-2025-15563, CVE-2025-15562, CVE-2025-15561...

Full Disclosure
[KIS-2026-04] SmarterMail <= 9518 (MailboxId) Reflected Cross-Site Scripting Vulnerability 22 February 2026 at 18:03

[KIS-2026-04] SmarterMail <= 9518 (MailboxId) Reflected Cross-Site Scripting Vulnerability

Full Disclosure

22 February 2026 at 18:03

Posted by Egidio Romano on Feb 22

----------------------------------------------------------------------------
SmarterMail <= 9518 (MailboxId) Reflected Cross-Site Scripting Vulnerability
----------------------------------------------------------------------------

[-] Software Link:

https://www.smartertools.com/smartermail/business-email-server

[-] Affected Versions:

Build 9518 and prior builds.

[-] Vulnerability Description:

User input passed through the...

Full Disclosure
SEC Consult SA-20260212-0 :: Multiple Vulnerabilities in various Solax Power Pocket WiFi models 16 February 2026 at 21:10

SEC Consult SA-20260212-0 :: Multiple Vulnerabilities in various Solax Power Pocket WiFi models

Full Disclosure

16 February 2026 at 21:10

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Feb 16

SEC Consult Vulnerability Lab Security Advisory < 20260212-0 >
=======================================================================
title: Multiple Vulnerabilities
product: Various Solax Power Pocket WiFi models
vulnerable version: See section below
fixed version: See section below
CVE number: CVE-2025-15573, CVE-2025-15574, CVE-2025-15575
impact: High...

Full Disclosure
[Full Disclosure] CVE-2025-69690 & CVE-2025-69691 — Authenticated RCE in Netgate pfSense CE 2.7.2 and 2.8.0 16 February 2026 at 21:08

[Full Disclosure] CVE-2025-69690 & CVE-2025-69691 — Authenticated RCE in Netgate pfSense CE 2.7.2 and 2.8.0

Full Disclosure

16 February 2026 at 21:08

Posted by privexploits via Fulldisclosure on Feb 16

Advisory: Authenticated Remote Code Execution in pfSense CECVEs: CVE-2025-69690, CVE-2025-69691
Researcher: Nelson Adhepeau (privexploits () protonmail com)
Date: February 2026

== RESPONSIBLE DISCLOSURE NOTICE ==

This advisory is published in accordance with responsible disclosure practices.

The vendor was notified on December 2, 2025, acknowledged the reports, and indicated no patches would be issued.
Publication follows standard 90-day...

Full Disclosure
APPLE-SA-02-11-2026-9 Safari 26.3 16 February 2026 at 21:06

APPLE-SA-02-11-2026-9 Safari 26.3

Full Disclosure

16 February 2026 at 21:06