CVE-2026-23760

SmarterTools SmarterMail versions prior to build 9511 contain an authentication bypass vulnerability in the password reset API. The force-reset-password endpoint permits anonymous requests and fails to verify the existing password or a reset token when resetting system administrator accounts. An...

SmarterTools SmarterMail security vulnerability

SmarterTools SmarterMail is a set of email server software developed by SmarterTools Corporation. This software supports features such as spam filtering, data statistics, and Simple Mail Transfer Protocol SMTP authentication. Previous versions of SmarterTools SmarterMail, including the 9511...

VulnCheck KEV: CVE-2026-23760

SmarterTools SmarterMail versions prior to build 9511 contain an authentication bypass vulnerability in the password reset API. The force-reset-password endpoint permits anonymous requests and fails to verify the existing password or a reset token when resetting system administrator accounts. An...

PT-2022-3562 · American Megatrends +1 · Ami Megarac +1

Name of the Vulnerable Software and Affected Versions: AMI Megarac affected versions not specified Description: The issue is related to the interception of password reset requests via API. There is also a mention of a vulnerability in the OpenSSL library used by the TYCHON network endpoint...