Critical (CVSS 10) tagged CVE-2025-52691 affecting SmarterMail software (opens in new tab)

SmarterMail Build 9406 and earlier is vulnerable to arbitrary file upload. An unauthenticated attacker can upload arbitrary files to any location on the mail server, potentially enabling remote code execution.