Unrated severityCISA KEVNVD Advisory· Published Dec 29, 2025· Updated Feb 26, 2026

Upload Arbitrary Files

CVE-2025-52691

Description

Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution.

Affected products

Smartertools/Smartermailv5
Range: SmarterMail versions Build 9406 and earlier

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-124/mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.070
exploit	0.030
kev	0.120
patch	0.000
ransomware	0.060