The latest entries on @codewhitesec 's vuln list seems to be a collision with @watchTowr 's SmarterMail publication:

https://code-white.com/public-vulnerability-list/#authenticationserviceforceresetpassword-missing-authentication-in-smartermail

I'm curious about the story here!

@buherator Our @mwulftange found the two vulns (auth bypass and rce) weeks ago and we informed the vendor. Build 9511 on 2026-01-15 patched those vulns. We updated our vuln list today after all our clients had patched their systems. Anything else happened independently.

@codewhitesec @mwulftange Thanks for the clarification, nice work!

@codewhitesec @buherator @mwulftange Congrats:) We have received no info from the vendor that we had collisions. :)