MeldSecurity
Press Enter to search
CVE Database & Search β†’
Sign In Get Started

CVE-2026-23760

🚨 CRITICAL

SmarterTools SmarterMail versions prior to build 9511 contain an authentication bypass vulnerability in the password reset API. The force-reset-password endpoint permits anonymous requests and fails t...

Published
Jan 22, 2026
Last Modified
Jan 27, 2026
Views
7
Bookmarks
0

Description

Request Expert Review

SmarterTools SmarterMail versions prior to build 9511 contain an authentication bypass vulnerability in the password reset API. The force-reset-password endpoint permits anonymous requests and fails to verify the existing password or a reset token when resetting system administrator accounts. An unauthenticated attacker can supply a target administrator username and a new password to reset the account, resulting in full administrative compromise of the SmarterMail instance. NOTE:Β SmarterMail system administrator privileges grant the ability to execute operating system commands via built-in management functionality, effectively providing administrative (SYSTEM or root) access on the underlying host.

Affected Products (1)

smartertools - smartermail

Version: *

CVSS Scores

CVSS 3.1 9.8
9.8
CRITICAL
CVSS 2.0 9.8

References

code-white.com labs.watchtowr.com www.smartertools.com www.vulncheck.com www.cisa.gov www.huntress.com

Additional Information

Source
disclosure@vulncheck.com
State
Analyzed

Related CVEs

CVE-2026-26079

MEDIUM

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets (CSS) injection, e.g., because comments are mishandled.

Score: 4.7

CVE-2026-1893

MEDIUM

The Orbisius Random Name Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'btn_label' parameter in the 'orbisius_ra...

Score: 6.4

CVE-2026-1231

MEDIUM

The Beaver Builder Page Builder – Drag and Drop Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `js` Global...

Score: 6.4

CVE-2025-15524

MEDIUM

The Gallery by FooGallery plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajax_get_gallery_...

Score: 4.3

CVE-2025-14541

HIGH

The Lucky Wheel Giveaway plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.0.22 via the conditional_...

Score: 7.2

CVE-2025-13431

MEDIUM

The SlimStat Analytics plugin for WordPress is vulnerable to time-based SQL Injection via the β€˜args’ parameter in all versions up to, and including, 5...

Score: 6.5

Share CVE-2026-23760

Share on Social Media

Copy Link

Embed Code

Request Expert Analysis

Request a professional security analysis for CVE-2026-23760 from our verified experts.

Credits System

Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!

Add 3 credits for accelerated delivery

Base Cost: 8 credits
Priority Upgrade: + credits
SLA Acceleration: +3 credits
Total Cost:
Your Balance:

Insufficient Credits

You need more credits to submit this request.

Buy Credits

Report Analysis