CVE ID :CVE-2026-44400 Published : May 8, 2026, 9:16 p.m. | 23 minutes ago Description :MailEnable Enterprise Premium 10.55 and earlier contains an improper authorization vulnerability in the WebAdmin mobile portal that allows attackers to bypass authentication checks by reusing AuthenticationToken cookies generated for low-privileged users. Attackers can obtain a token from the WebMail login endpoint using the PersistentLogin parameter and replay it against the WebAdmin portal to perform highly privileged administrative actions. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...