Outbreak Alert

SmarterTools SmarterMail RCE

Released: Jan 29, 2026

SmarterTools SmarterMail RCE Vulnerability Tags

High Severity

Enabling remote code execution.

An actively targeted vulnerability has been identified in SmarterTools SmarterMail, tracked as CVE-2025-52691, with a CVSS score of 10.0 (Critical). The flaw allows unauthenticated attackers to upload arbitrary files to any location on the mail server, potentially resulting in remote code execution (RCE). Learn More »

Common Vulnerabilities and Exposures

Background

SmarterTools SmarterMail is an email and collaboration server positioned as an alternative to Microsoft Exchange. CVE-2025-52691 has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog as of January 26, 2026, indicating confirmed exploitation in the wild.

Successful exploitation could allow threat actors to gain full control of the affected mail server, deploy web shells, establish persistence, and pivot deeper into the environment. Public technical analysis and exploit research indicate active attacker interest and weaponization.

Latest Development

Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.

SmarterTools has released security updates to address a vulnerability in their SmarterMail software. Users and administrators of affected product versions are advised to update to SmarterMail version Build 9413 immediately.

January 29, 2026: Critical security fixes Provided by Smartertools.
https://www.smartertools.com/smartermail/release-notes/current
January 27, 2026: FortiGuard Labs released a Threat Signal.
https://www.fortiguard.com/threat-signal-report/6322/smartertools-smartermail-rce
January 26, 2026: This CVE was added to CISA's Known Exploited Vulnerabilities Catalog

FortiGuard Cybersecurity Framework

Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.

PROTECT

Vulnerability
IPS

DETECT

IOC
Outbreak Detection

RESPOND

Automated Response
Assisted Response Services

RECOVER

NOC/SOC Training
End-User Training

IDENTIFY

Vulnerability Management
Attack Surface Hardening

Threat Intelligence

Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.

References

Sources of information in support and relation to this Outbreak and vendor.

Huntress Blog

Learn More »

CSA Alert

Learn More »

About FortiGuard Outbreak Alerts

Learn More »

Research Center

Services

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Threat Intelligence Center

Support Center

Resource Center

About

Outbreak Alert

SmarterTools SmarterMail RCE

Enabling remote code execution.

Common Vulnerabilities and Exposures

Background

Real-Time Threat Map

Latest Development

FortiGuard Cybersecurity Framework

Threat Intelligence

References

Huntress Blog

CSA Alert

About FortiGuard Outbreak Alerts

Threat Intelligence
Center