CISA SmarterMail remediation guidance for CVE-2026-24423
Advisory/Mitigation
Summary
Hide ▲
Show ▼
SmarterMail is at the center of a CVE-2026-24423 remediation and exploitation wave: the flaw enables unauthenticated remote code execution in versions prior to Build 9511, while CVE-2026-23760 adds authentication-bypass risk on exposed email servers. CISA added CVE-2026-24423 to the Known Exploited Vulnerabilities catalog after confirming active ransomware exploitation, and directed federal agencies and other BOD 22-01 entities to apply updates, use vendor mitigations, or stop using the product by February 26, 2026.
Cases
Related Happenings
Microsoft security patch release for CVE-2026-42824
Security Patch Release
H score30
First: 15.06.2026 16:00
Last: 15.06.2026 16:00
Sources 1
About this happening:
Microsoft's **fix for SearchLeak** in **Microsoft 365 Copilot Enterprise** closed a **critical** flaw tied to **CVE-2026-42824** that could expose **mailbox, OneDrive, and SharePo...
Microsoft security patch release for CVE-2026-42824
Security Patch ReleaseAbout this happening: Microsoft's **fix for SearchLeak** in **Microsoft 365 Copilot Enterprise** closed a **critical** flaw tied to **CVE-2026-42824** that could expose **mailbox, OneDrive, and SharePo...
Microsoft 365 Copilot Enterprise SearchLeak remote code execution flaw (CVE-2026-42824)
Vulnerability
H score34
First: 15.06.2026 16:00
Last: 15.06.2026 16:00
Sources 1
About this happening:
**Microsoft 365 Copilot Enterprise Search** has a **critical** vulnerability chain, **SearchLeak**, that could let a user leak **emails, calendar details, MFA codes, and indexed f...
Microsoft 365 Copilot Enterprise SearchLeak remote code execution flaw (CVE-2026-42824)
VulnerabilityAbout this happening: **Microsoft 365 Copilot Enterprise Search** has a **critical** vulnerability chain, **SearchLeak**, that could let a user leak **emails, calendar details, MFA codes, and indexed f...
Splunk Enterprise security update for CVE-2026-20253
Security Patch Release
H score52
First: 13.06.2026 16:23
Last: 13.06.2026 16:23
Sources 1
About this happening:
**Splunk** released **security updates** for **CVE-2026-20253**, fixing a critical **Splunk Enterprise** flaw that could enable unauthenticated file operations and **remote code e...
Splunk Enterprise security update for CVE-2026-20253
Security Patch ReleaseAbout this happening: **Splunk** released **security updates** for **CVE-2026-20253**, fixing a critical **Splunk Enterprise** flaw that could enable unauthenticated file operations and **remote code e...
Everest Forms Pro plugin actively exploited RCE (CVE-2026-3300)
Vulnerability
H score87
First: 04.06.2026 19:15
Last: 04.06.2026 19:15
Sources 1
About this happening:
**Everest Forms Pro** has an **actively exploited** critical **remote code execution** flaw, **CVE-2026-3300**, that lets unauthenticated attackers run **PHP** and take over **Wor...
Everest Forms Pro plugin actively exploited RCE (CVE-2026-3300)
VulnerabilityAbout this happening: **Everest Forms Pro** has an **actively exploited** critical **remote code execution** flaw, **CVE-2026-3300**, that lets unauthenticated attackers run **PHP** and take over **Wor...
Ghost CMS CVE-2026-26980 ClickFix campaign
Campaign
H score42
First: 24.05.2026 17:12
Last: 24.05.2026 17:12
Sources 1
About this happening:
A **large-scale campaign** is exploiting **CVE-2026-26980** in **Ghost CMS** to plant malicious JavaScript and drive **ClickFix** lure pages, putting exposed sites and their visit...
Ghost CMS CVE-2026-26980 ClickFix campaign
CampaignAbout this happening: A **large-scale campaign** is exploiting **CVE-2026-26980** in **Ghost CMS** to plant malicious JavaScript and drive **ClickFix** lure pages, putting exposed sites and their visit...
Timeline
-
06.02.2026 19:16 2 articles · 5mo ago
SmarterTools fixes CVE-2026-24423 in SmarterMail Build 9511
Mitigation Patch UpdateSmarterTools releases SmarterMail Build 9511 on January 15, 2026, fixing CVE-2026-24423 in versions prior to build 9511 and closing the ConnectToHub API path that could permit unauthenticated remote code execution.
Show sources
- CISA warns of SmarterMail RCE flaw used in ransomware attacks — www.bleepingcomputer.com — 06.02.2026 19:16
- Telegram channels expose rapid weaponization of SmarterMail flaws — www.bleepingcomputer.com — 18.02.2026 18:27
-
06.02.2026 19:16 1 articles · 5mo ago
CISA warns of exploited SmarterMail flaw and sets remediation deadline
Legal Policy Action UpdateCISA warns that ransomware actors are exploiting CVE-2026-24423 in SmarterMail, adds the vulnerability to the Known Exploited Vulnerabilities catalog, and directs federal agencies and BOD 22-01 entities to apply security updates and vendor-suggested mitigations or stop using the product by February 26, 2026.
Show sources
- CISA warns of SmarterMail RCE flaw used in ransomware attacks — www.bleepingcomputer.com — 06.02.2026 19:16