CVE-2026-23760 | SmarterTools SmarterMail up to 100.0.9510 Password Reset API authentication bypass

Inserito da Angelo Barbosa | Gen 22, 2026 | CVE

A vulnerability classified as critical has been found in SmarterTools SmarterMail up to 100.0.9510. The impacted element is an unknown function of the component Password Reset API. Performing a manipulation results in authentication bypass using alternate channel.

This vulnerability is reported as CVE-2026-23760. The attack is possible to be carried out remotely. No exploit exists.

It is recommended to upgrade the affected component.

CVE-2026-23760 | SmarterTools SmarterMail up to 100.0.9510 Password Reset API authentication bypass

Post correlati

CVE-2025-1419 | Proget Konsola MDM up to 2.17.4 cross site scripting

UserPro Plugin userpro_save_userdata cross-site request forgery

CVE-2023-43955 | Phlox com.phlox.tvwebbrowser up to 2.0.0 on Android WebView code injection

CVE-2025-38241 | Linux Kernel up to 6.15.4/6.16-rc3 shmem allocation of resources