CVE-2025-52691CRITICAL · 10.0TrackedCISA KEV

SmarterTools · SmarterMail

SmarterTools SmarterMail contains an unrestricted upload of file with dangerous type vulnerability that could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution.

Disclosed

2025-12-29

163 days ago

Status

no honeypot capture yet

on CISA KEV — watching

7-day events

across 0 distinct IPs

7-day spread

0 ASN · 0 cty

0 active days

Top ASNs

No events captured yet.

Top countries

No events captured yet.

References

https://www.smartertools.com/smartermail/release-notes/current
https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-124/
https://nvd.nist.gov/vuln/detail/CVE-2025-52691

↗ NVD ↗ CISA KEV ↗ Search analyses