SmarterMail arbitrary file upload RCE (CVE-2025-52691)
Vulnerability
Summary
SmarterTools SmarterMail has a maximum-severity flaw, CVE-2025-52691, that affects Build 9406 and earlier and can let an unauthenticated attacker reach remote code execution through arbitrary file upload. The issue was fixed in Build 9413, with Build 9483 later recommended for best protection. The flaw matters because attackers could drop malicious binaries or web shells onto the mail server and execute them with the service's privileges.
Related Happenings
SmarterMail initial-access ransomware campaign with delayed encryption
Campaign
First: 18.02.2026 18:27
Last: 18.02.2026 18:27
Sources 1
About this happening:
A **SmarterMail** ransomware campaign is using newly disclosed email-server flaws for **initial access** and delaying encryption, raising the risk that exposed mail systems become...
CISA SmarterMail remediation guidance for CVE-2026-24423
Advisory/Mitigation
First: 06.02.2026 19:16
Last: 06.02.2026 19:16
Sources 1
About this happening:
**SmarterMail** is at the center of a **CVE-2026-24423** remediation and exploitation wave: the flaw enables **unauthenticated remote code execution** in versions prior to **Build...
CISA KEV remediation deadline for SolarWinds WHD CVE-2025-40551
Public Sector Action
First: 04.02.2026 07:50
Last: 04.02.2026 07:50
Sources 1
About this happening:
**CISA** added **CVE-2025-40551** in **SolarWinds Web Help Desk** to the **KEV catalog** and imposed **federal remediation deadlines**, turning a newly exploited flaw into a compl...
SmarterMail unauthenticated RCE in ConnectToHub API (CVE-2026-24423)
Vulnerability
First: 30.01.2026 09:09
Last: 30.01.2026 09:09
Sources 1
About this happening:
**SmarterMail** versions prior to **Build 9511** contain **CVE-2026-24423**, an **unauthenticated remote code execution** flaw in the **ConnectToHub API** that could let an attack...
SmarterMail CVE-2026-23760 mass exploitation wave
Exploitation Wave
First: 27.01.2026 16:09
Last: 27.01.2026 16:09
Sources 1
About this happening:
**CVE-2026-23760** is being exploited against **SmarterMail** to bypass authentication on **internet-facing mail servers**, creating takeover risk across **thousands of exposed in...
Timeline
- 30.12.2025 18:28 · 1 article · 4mo ago
  SmarterMail Build 9413 fixes CVE-2025-52691
  Mitigation Patch Update
  SmarterTools released SmarterMail Build 9413 on October 9, 2025 to address CVE-2025-52691, a maximum-severity arbitrary file upload flaw that could let an unauthenticated attacker reach remote code execution on the mail server.
  Sources:
  - CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution — thehackernews.com — 30.12.2025 18:28
- 30.12.2025 18:28 · 1 article · 4mo ago
  SmarterMail Build 9483 becomes the latest recommended protection
  Mitigation Patch Update
  SmarterTools released SmarterMail Build 9483 on December 18, 2025 and recommended it as the latest version for protection against CVE-2025-52691, which affects Build 9406 and earlier.
  Sources:
  - CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution — thehackernews.com — 30.12.2025 18:28
- 30.12.2025 18:28 · 2 articles · 4mo ago
  CSA issues bulletin on SmarterMail RCE risk
  Initial Disclosure
  The Cyber Security Agency of Singapore issued a bulletin on December 30, 2025 warning that CVE-2025-52691 in SmarterMail could let an unauthenticated attacker upload arbitrary files to the mail server and potentially achieve remote code execution.
  Sources:
  - CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution — thehackernews.com — 30.12.2025 18:28
  - CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution — thehackernews.com — 30.12.2025 18:28