#smartermail

Information security
from The Hacker News
1 week ago

SmarterMail Auth Bypass Exploited in the Wild Two Days After Patch Release

An authentication bypass in SmarterMail allows unauthenticated users to reset any system administrator password via /api/v1/auth/force-reset-password, enabling potential full system compromise.
from The Hacker News
1 month ago

CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution

The Cyber Security Agency of Singapore (CSA) has issued a bulletin warning of a maximum-severity security flaw in SmarterTools SmarterMail email software that could be exploited to achieve remote code execution. The vulnerability, tracked as CVE-2025-52691, carries a CVSS score of 10.0. It relates to a case of arbitrary file upload that could enable code execution without requiring any authentication.
Information security