Topic: smartermail vulnerability

Sort by: Relevance | Date
  • 6,000+ SmarterMail Servers Vulnerable to Hijacking
    January 29, 2026

    6,000+ SmarterMail Servers Vulnerable to Hijacking

    A critical authentication bypass vulnerability (CVE-2026-23760) in SmarterMail email servers allows attackers to reset administrator passwords and take full control of unpatched systems. Security researchers have identified thousands of vulnerable servers, with evidence of widespread, automated e...

    Read More »
  • SmarterMail Flaw Lets Attackers Hijack Admin Accounts
    January 25, 2026

    SmarterMail Flaw Lets Attackers Hijack Admin Accounts

    A critical authentication bypass flaw in SmarterMail's 'force-reset-password' API endpoint allows attackers to hijack administrator accounts and gain full server control. Threat actors began exploiting the vulnerability just two days after the patch was released, suggesting they reverse-engineere...

    Read More »

Related Topics

active exploitation (2) remote code execution (2) authentication bypass (2) vulnerability disclosure (2) cve identifier (2) mass exploitation (1) vulnerability scanning (1) security research (1)