📦 Smartermail

This vulnerability allows unauthenticated attackers to execute arbitrary operating system commands on SmarterMail servers by pointing them to malicious HTTP servers. Attackers can achieve full system ...

CVE-2026-23760 is an authentication bypass vulnerability in SmarterMail's password reset API that allows unauthenticated attackers to reset administrator passwords. This leads to full administrative c...

This critical vulnerability allows unauthenticated attackers to upload arbitrary files to any location on vulnerable SmarterMail servers, potentially leading to remote code execution. It affects Smart...

CVE-2021-32234 is a remote code execution vulnerability in SmarterTools SmarterMail email server software. Attackers can execute arbitrary code on affected systems without authentication. Organization...

This vulnerability allows man-in-the-middle attackers to inject plaintext commands into encrypted POP3 sessions in SmarterMail. Attackers can pipeline commands after a STARTTLS command, potentially co...