CVE-2026-44400
Published 2026-05-08
Priority P264 · critical 9.8 · CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.35% (26.8th percentile)
MailEnable Enterprise Premium 10.55 and earlier contains an improper authorization vulnerability in the WebAdmin mobile portal that allows attackers to bypass authentication checks by reusing AuthenticationToken cookies generated for low-privileged users. Attackers can obtain a token from the WebMail login endpoint using the PersistentLogin parameter and replay it against the WebAdmin portal to perform highly privileged administrative actions.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mailenable | mailenable | < 10.56 | 10.56 |
| mailenable | mailenable_enterprise_premium | <= 10.55 | — |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v4.0 | 8.7 | HIGH | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
VulDB
MailEnable Enterprise Premium up to 10.54 Login Endpoint PersistentLogin authorization
vuldb · 2026-05-09 · CVSS 8.7
CVE-2026-44400 [HIGH] MailEnable Enterprise Premium up to 10.54 Login Endpoint PersistentLogin authorization
A vulnerability classified as problematic was found in MailEnable Enterprise Premium up to 10.54. This vulnerability affects unknown code of the component Login Endpoint. The manipulation of the argument PersistentLogin results in authorization bypass.
This vulnerability is identified as CVE-2026-44400. The attack can be executed remotely. There is no exploit available.
Upgrading the affected component is advised.
GHSA
GHSA-f3v7-jqh4-whf5: MailEnable Enterprise Premium 10
ghsa_unreviewed · 2026-05-08
CVE-2026-44400 [HIGH] CWE-639 GHSA-f3v7-jqh4-whf5: MailEnable Enterprise Premium 10
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.