CVE-2026-23760
Status: Published · Listed in the CISA Known Exploited Vulnerabilities (KEV) catalog · CVSS 9.3 (Critical)
SmarterTools SmarterMail versions prior to build 9511 contain an authentication bypass vulnerability in the password reset API. The force-reset-password endpoint permits anonymous requests and fails to verify the existing password or a reset token when resetting system administrator accounts. An unauthenticated attacker can supply a target administrator username and a new password to reset the account, resulting in full administrative compromise of the SmarterMail instance.
EPSS 81.65% · 99.2nd percentile
Risk Scores
CVSS 4.0
9.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS Score
81.65%
99.2nd percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SmarterTools | SmarterMail | Builds prior to 9511 (taken from the description above; the source record's version fields are empty). Fixed in build 9511 and later. |
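Two things a practitioner wants from this record are a quick "is my build affected?" check and a way to find requests to the reset endpoint in existing web logs. The helper below is an added example, not SmarterMail code and not from any of the referenced advisories. Its assumptions are labelled in the code: the version strings it parses ("Build 9510", "100.0.9510"), the request path shape (it only assumes the path contains some spelling of force-reset-password, since the advisory does not give the exact route), the simple "ip method path status" log layout, and the sample log lines, which are constructed.

```python
"""Triage helpers for CVE-2026-23760 (SmarterMail force-reset-password auth bypass).

Added example, not SmarterMail code. Assumptions (not stated in the advisory):
  - the logged request path contains "force-reset-password" in some spelling
    (hyphenated, underscored or camelCase); confirm the real route on your
    instance and tighten REQUEST_PATTERN to it.
  - version strings end in the build number, e.g. "Build 9510" or "100.0.9510".
  - log lines use a simple "<ip> <method> <path> <status>" layout.
"""
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional

FIXED_BUILD = 9511  # first fixed build, per the advisory text


def build_number(version: str) -> Optional[int]:
    """Return the trailing build number of a version string, or None."""
    m = re.search(r"(\d+)\s*$", version.strip())
    return int(m.group(1)) if m else None


def is_vulnerable_build(version: str) -> bool:
    """True when the build is older than the first fixed build (9511)."""
    b = build_number(version)
    if b is None:
        raise ValueError(f"cannot parse a build number from {version!r}")
    return b < FIXED_BUILD


# Assumed route spelling; matches force-reset-password, force_reset_password,
# forceResetPassword and similar variants.
REQUEST_PATTERN = re.compile(r"force[-_]?reset[-_]?password", re.IGNORECASE)

# Assumed log layout: "<ip> <METHOD> <path> <status>"
LOG_LINE = re.compile(r"^(?P<ip>\S+)\s+(?P<method>[A-Z]+)\s+(?P<path>\S+)\s+(?P<status>\d{3})")


@dataclass(frozen=True)
class Hit:
    ip: str
    method: str
    path: str
    status: int


def scan_log(lines: Iterable[str]) -> List[Hit]:
    """Return every parsable request whose path matches the reset endpoint."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line)
        if m and REQUEST_PATTERN.search(m["path"]):
            hits.append(Hit(m["ip"], m["method"], m["path"], int(m["status"])))
    return hits


def suspicious_sources(hits: Iterable[Hit], ok_statuses=(200, 204)) -> List[str]:
    """Source IPs whose reset-endpoint request succeeded. Because the endpoint
    accepted anonymous requests, any such source you do not recognise as your
    own administrators should be treated as a probable account takeover."""
    return sorted({h.ip for h in hits if h.status in ok_statuses})


# Constructed sample log lines (not real traffic, paths are assumed).
SAMPLE_LOG = [
    "203.0.113.7 POST /api/v1/auth/force-reset-password 200",
    "198.51.100.9 GET /api/v1/settings/sysadmin/users 401",
    "203.0.113.7 POST /api/v1/auth/force-reset-password 200",
    "192.0.2.44 POST /api/v1/auth/forceResetPassword 500",
    "192.0.2.10 POST /api/v1/auth/authenticate-user 200",
]

if __name__ == "__main__":
    for v in ("Build 9510", "Build 9511", "100.0.9520"):
        print(v, "vulnerable" if is_vulnerable_build(v) else "patched")
    hits = scan_log(SAMPLE_LOG)
    print(f"{len(hits)} reset-endpoint requests; successful from {suspicious_sources(hits)}")
```

Run it against a real export by replacing SAMPLE_LOG with the lines of your web log after adapting LOG_LINE to that log's format; a successful anonymous call to the endpoint from an unfamiliar address is reason to rotate every system administrator password and review what that session did afterwards, not just to patch.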
Exploit Intelligence
- CrowdSec: 5 sightings recorded (no further detail captured on this page)
- CIRCL sightings: seen (2), exploited (3)
- …and 148 more exploits
Timeline
- May 17, 2022 CrowdSec Sighting
- Oct 20, 2022 CrowdSec Sighting
- Dec 18, 2022 CrowdSec Sighting
- Dec 23, 2022 CrowdSec Sighting
- Dec 23, 2022 CrowdSec Sighting
- Dec 24, 2022 CrowdSec Sighting
- Dec 26, 2022 CrowdSec Sighting
- Dec 27, 2022 CrowdSec Sighting
- Jan 31, 2023 CrowdSec Sighting
- Mar 9, 2023 CrowdSec Sighting
- Apr 5, 2023 CrowdSec Sighting
- May 28, 2023 CrowdSec Sighting
References
- https://www.smartertools.com/smartermail/release-notes/current (vendor patch / release notes)
- https://labs.watchtowr.com/attackers-with-decompilers-strike-again-smartertools-smartermail-wt-2026-0001-auth-bypass/ (exploit analysis)
- https://code-white.com/public-vulnerability-list/#authenticationserviceforceresetpassword-missing-authentication-in-smartermail (third-party advisory)
- https://www.vulncheck.com/advisories/smartertools-smartermail-authentication-bypass-via-password-reset-api (third-party advisory)
- https://www.huntress.com/blog/smartermail-account-takeover-leading-to-rce (third-party advisory)
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-23760 (CISA KEV entry)
- https://nvd.nist.gov/vuln/detail/CVE-2026-23760 (NVD advisory)