Where
-Infinity
0

Trending

Last week
Last month
Last year

Roundcube WebmailAn issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking fea…

Risk 57
Severity
8.2
First published (updated )
CVE-2026-35545

Roundcube WebmailAn issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Insufficient Cascading Style …

Risk 27
Severity
5.3
First published (updated )
CVE-2026-35544

Roundcube WebmailAn issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking fea…

Risk 27
Severity
5.3
First published (updated )
CVE-2026-35543

Roundcube WebmailAn issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking fea…

Risk 27
Severity
5.3
First published (updated )
CVE-2026-35542

Roundcube WebmailAn issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Incorrect password comparison…

Risk 29
Severity
4.2
First published (updated )
CVE-2026-35541
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

composer/roundcube/roundcubemailSSRF

Risk 40
Severity
6.5
First published (updated )
CVE-2026-35540

Roundcube WebmailXSS

Risk 38
Severity
6.1
First published (updated )
CVE-2026-35539

Roundcube WebmailCSRF

Risk 17
Severity
3.1
First published (updated )
CVE-2026-35538

Roundcube Webmail+moRoundcube arbitrary write + ID/XSS/etc. prior to 1.6.14

Risk 46
Severity
7.5
First published (updated )
CVE-2026-35537

BleepingComputerCISA: Recently patched RoundCube flaws now exploited in attacks

Exploited
First published (updated )
News
BleepingComputer
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Roundcube WebmailRoundCube Webmail Cross-site Scripting Vulnerability

Risk 65
Severity
7.2
Exploited
First published (updated )
CVE-2025-68461

Roundcube Webmail/CVE-2025-68461: Roundcube XSS + I-D prior to 1.5.12/1.6.12

Risk 46
Severity
7.5
First published (updated )
CVE-2025-68460

Roundcube webmail: Post-Auth RCE via PHP Object Deserialization ported by firs0v

First published (updated )
https://seclists.org/oss-sec/2025/q2/189

Roundcube WebmailRoundCube Webmail Deserialization of Untrusted Data Vulnerability

Risk 100
Severity
10
Exploited
EPSS
73.08%
First published (updated )
CVE-2025-49113

Roundcube WebmailXSS

Risk 38
Severity
6.1
First published (updated )
CVE-2024-57004
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Roundcube WebmailCommand Injection

Risk 86
Severity
9.8
First published (updated )
CVE-2024-37385

Roundcube WebmailStored XSS vulnerability in Roundcube

Risk 65
Severity
6.1
Exploited
Zeroday
EPSS
90.74%
First published (updated )
CVE-2023-5631

Debian Debian LinuxRoundcube Webmail SQL Injection Vulnerability

Risk 99
Severity
9.8
Exploited
First published (updated )
CVE-2021-44026

Roundcube WebmailRoundcube Webmail Cross-Site Scripting (XSS) Vulnerability

Risk 65
Severity
6.1
Exploited
First published (updated )
CVE-2020-35730

Roundcube WebmailRoundcube Webmail Remote Code Execution Vulnerability

Risk 99
Severity
9.8
Exploited
First published (updated )
CVE-2020-12641
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

debian/roundcubeXSS

Risk 38
Severity
6.1
First published (updated )
CVE-2018-19206

Apple MailThe OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can in…

Risk 35
Severity
5.9
First published (updated )
CVE-2017-17688

Roundcube WebmailRoundcube Webmail File Disclosure Vulnerability

Risk 83
Severity
7.8
Exploited
First published (updated )
CVE-2017-16651

Roundcube WebmailInfoleak

Risk 43
Severity
7.5
First published (updated )
CVE-2015-5383

Roundcube WebmailXSS

Risk 38
Severity
6.1
First published (updated )
CVE-2015-5381
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Roundcube WebmailInfoleak

Risk 38
Severity
6.5
First published (updated )
CVE-2015-5382

Roundcube WebmailRoundcube Webmail allows arbitrary password resets by authenticated users. This affects versions bef…

Risk 79
Severity
8.8
First published (updated )
CVE-2017-8114

Roundcube WebmailXSS

Risk 38
Severity
6.1
First published (updated )
CVE-2016-4068

Roundcube WebmailXSS

Risk 38
Severity
6.1
First published (updated )
CVE-2015-8864

Roundcube WebmailBuffer Overflow

Risk 79
Severity
8.8
First published (updated )
CVE-2015-2181
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203