CVE-2026-24423 - SmarterTools SmarterMail < Build 9511 Unauthenticated RCE via ConnectToHub API

CVE ID : CVE-2026-24423 Published : Jan. 23, 2026, 5:16 p.m. | 1 hour, 20 minutes ago Description : SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated remote code execution vulnerability in the ConnectToHub API method. The attacker could point the SmarterMail to the malicious HTTP server, which serves the malicious OS command. This command will be executed by the vulnerable application. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...