This week, we look at how long-standing API security failures are being amplified by automation, AI, and increasingly aggressive exploitation timelines. From agentic AI vulnerabilities in ServiceNow to authentication bypasses actively exploited in SmarterMail and Fortinet infrastructure, this issue highlights how broken authentication and authorization continue to dominate real-world incidents.
We also dive into the 42Crunch State of API Security 2026 report, which analyzes 200 production vulnerabilities to show why these patterns persist — and why, as AI agents become first-class API consumers, insecure APIs are far less likely to remain unnoticed or unexploited.
Vulnerability: ServiceNow “BodySnatcher”: Agentic AI Vulnerability Leads to User Impersonation
A critical agentic AI security flaw dubbed BodySnatcher (CVE-2025-12420) has been uncovered in ServiceNow’s Virtual Agent API and Now Assist AI Agents platform, illustrating how autonomous AI integrations can introduce catastrophic risks when identity and access logic are weak.
Researchers at AppOmni found that an unauthenticated attacker could impersonate any user — including administrators — using only a target’s email address by chaining a hardcoded platform-wide secret with overly permissive account-linking logic, effectively bypassing multi-factor authentication (MFA), single sign-on (SSO), and other controls. Once impersonation was achieved, the attacker could remotely invoke AI agent workflows as the victim, create backdoor admin accounts, and execute privileged actions, weaponizing automation to subvert enterprise controls and escalate access.
AppOmni described BodySnatcher as “the most severe AI-driven security vulnerability uncovered to date,” highlighting how traditional authentication and API security weaknesses become dramatically worse when high-privilege agents are involved. ServiceNow has since patched the vulnerability in affected versions, but the incident underscores the need for rigorous identity verification, least-privilege agent scoping, and runtime governance of AI agents to prevent similar exploits.
Vulnerability: SmarterMail Authentication Bypass (CVE-2026-23760) Exploited in the Wild
A critical authentication bypass vulnerability in SmarterTools’ SmarterMail email and collaboration platform — tracked as CVE-2026-23760 and originally reported by WatchTowr Labs — is now being actively exploited in the wild even after a patch was released.
The flaw exists in the /api/v1/auth/force-reset-password API endpoint, allowing users to reset their password.
While normally password reset “rely on a second factor or out-of-band proof of control – for example, a secret token delivered via email”, as WatchTowr Labs frames it, there was no such protection in place. Instead, the old password was requested, suggesting that SmarterMail developers mixed change password and reset password functionalities…
Furthermore, while in place for regular users, validation of the existing old password was not even done processing password reset requests for system administrator accounts!
Knowing the username of an admin account was therefore enough to change his password, gaining full administrative access to the SmarterMail instance and, through built-in admin features, execute arbitrary operating system commands at SYSTEM level on the host.
Evidence suggests attackers very quickly reverse-engineered the patch shipped in Build 9511 (January 15, 2026) and began abusing the flaw within 48 hours, demonstrating how rapidly critical API authentication bypasses can be weaponized post-disclosure.
Organizations running vulnerable versions should update immediately and validate that the forced reset path is protected.
Vulnerability: Fortinet FortiCloud SSO Authentication Bypass (CVE-2026-24858)
Fortinet has released urgent patches for a critical authentication bypass vulnerability tracked as CVE-2026-24858, which has been actively exploited in the wild across multiple Fortinet products, including FortiOS, FortiManager, and FortiAnalyzer.
The flaw, categorized as an authentication bypass using an alternate path or channel (CWE-288), allows an attacker with a FortiCloud account and a registered device to authenticate to devices registered under other FortiCloud accounts when FortiCloud SSO is enabled — effectively breaking account isolation and granting unauthorized administrative access without valid credentials.
Exploitation has enabled attackers to create persistent admin accounts and exfiltrate device configurations before patches were widely deployed.
From an OWASP perspective, this maps to OWASP API2: Broken Authentication, where flawed assumptions about identity, trust relationships, or authentication flows allow attackers to bypass access controls entirely.
Coincidentally (or not!), this incident directly reflects a key finding from the 42Crunch State of API Security 2026 report: authentication bypass remains one of the most prevalent real-world API vulnerabilities, consistently showing up in production breaches due to gaps in access control and trust boundaries.
Report: State of API Security 2026: What Real Vulnerabilities Tell Us About the Year Ahead
42Crunch published their State of API Security 2026 report. This report delivers a data-driven analysis of 200 real-world API vulnerabilities observed in production between 2024 and 2025, drawn directly from APISecurity.io newsletter coverage and independently verified cases.
Rather than focusing on theoretical risks, the report highlights how common development mistakes — such as missing authentication, broken authorization, weak input validation, and client-side security assumptions — consistently lead to serious breaches across industries.
Looking ahead, it also examines how AI agents and LLMs fundamentally change the API risk model, increasing the likelihood that latent vulnerabilities will be discovered and exploited in production.
The report translates these findings into clear development responsibilities and preventative practices, helping teams prioritize governance and build APIs that are secure by design in an AI-driven ecosystem.
Report: AI-Assisted Patch Diffing and the New Exploit Race
Recent research by Akamai demonstrates how large language models can be used to automate patch diff analysis, rapidly identifying the root cause of security patches and the precise code changes that fix them.
Tools like PatchDiff-AI ingest vendor binaries and patch metadata, and generate detailed root-cause analysis reports in a fraction of the time it would take a human — compressing what used to take weeks into hours or even minutes.
This accelerated analysis is a double-edged sword: while defenders can understand fixes faster, attackers can use the same insights to craft one-day exploits targeting newly disclosed vulnerabilities almost immediately after their patches are published.
The SmarterMail authentication bypass exploit we just discussed, which was weaponized within days (hours? minutes?) of a patch release, is a clear example of this emerging threat landscape.
In a world where AI can quickly translate patch diffs into exploit logic, timely updates and automated patch deployment are no longer optional — they are essential to stay ahead of attackers who are increasingly using AI-assisted techniques to turn disclosures into active threats in an extremely short time.
Get API Security news directly in your Inbox.
By clicking Subscribe you agree to our Data Policy
