Back to Community Threads
Smartermail Administrator Password Reset - Read this - CVE-2026-23760
Problem reported by Jade B - Today at 12:40 AM
Submitted
I'm creating this (what may seem like a duplicate post) post as there is some misinformation on the forums.

Smartermail version 9511 and prior is subject to Unauthenticated Administrator Password Reset - CVE-2026-23760

If you've run into the issue where your smartermail administrator password no longer works then it is because you're affected by the current exploit that affects version 9511 and prior. 

Upgrade to the latest version (currently 9518)


To regain access to your smartermail server, use this

Assume that your server is compromised and prepare to rebuild and restore data from backup - pay attention to the mounted drive section of Watchtowr's post.
Back to Community Threads

Reply to Thread

Enter the verification text
Related Knowledge Base Articles
Reset Administrator Username and PasswordSmarterMail > Installation and Configuration
Reset Administrator Username and Password ( Linux )SmarterMail > Installation and Configuration
SmarterMail for Linux – SSL/TLS & Certificate ReferenceSmarterMail > Server Configuration and Management
Set Up a Recovery Email AddressSmarterMail > Domain/User Configuration and Management
Webmail Shows an Expired Certificate WarningSmarterMail > Troubleshooting