CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

57 matches found

OPENSUSE Linux•added 2026/03/06 12:0 a.m.•3 views

Security update for roundcubemail (important)

openSUSE security update: security update for roundcubemail ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20323-1 Rating: important References: bsc1255306 bsc1255308 bsc1257909 bsc1258052 Cross-References: CVE-2025-68460 CVE-2025-68461...

5.3CVSS5.8AI score0.06858EPSS

Exploits3References4

SUSE CVE•added 2026/02/12 12:25 a.m.•1 views

SUSE CVE-2026-26079

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets CSS injection, e.g., because comments are mishandled...

4.7CVSS5.4AI score0.00085EPSS

Exploits0References3

NVD•added 2026/02/11 5:16 a.m.•4 views

CVE-2026-26079

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets CSS injection, e.g., because comments are mishandled...

4.7CVSS0.00085EPSS

Exploits0References9

OSV•added 2026/02/11 5:16 a.m.•2 views

CVE-2026-26079

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets CSS injection, e.g., because comments are mishandled...

4.7CVSS5.4AI score

Exploits0References9

OSV•added 2026/02/11 5:16 a.m.•1 views

UBUNTU-CVE-2026-26079

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets CSS injection, e.g., because comments are mishandled...

4.7CVSS5.8AI score0.00085EPSS

Exploits0References12

CVE•added 2026/02/11 4:27 a.m.•14 views

CVE-2026-26079

CVE-2026-26079 affects Roundcube Webmail prior to 1.5.13 and 1.6 prior to 1.6.13. The issue is a CSS injection caused by mishandled comments, enabling styling-based manipulation. Affected component: Roundcube Webmail frontend codebase. Root cause: improper handling of comments leading to CSS inje...

4.7CVSS5.4AI score0.00085EPSS

Exploits0References9

Vulnrichment•added 2026/02/11 4:27 a.m.•1 views

CVE-2026-26079

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets CSS injection, e.g., because comments are mishandled...

4.7CVSS5.4AI score0.00085EPSS

Exploits0References9

Cvelist•added 2026/02/11 4:27 a.m.•26 views

CVE-2026-26079

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets CSS injection, e.g., because comments are mishandled...

4.7CVSS0.00085EPSS

Exploits0References9

CNNVD•added 2026/02/11 12:0 a.m.•3 views

Roundcube Webmail 安全漏洞

Roundcube Webmail is an open-source browser-based IMAP client developed by Roundcube. It supports address book management, information search, spelling checking, and more. Versions of Roundcube Webmail prior to 1.5.13 and 1.6.13 had security vulnerabilities, which were caused by improper handling...

4.7CVSS5.8AI score0.00085EPSS

Exploits0References9

UbuntuCve•added 2026/02/11 12:0 a.m.•1 views

CVE-2026-26079

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets CSS injection, e.g., because comments are mishandled...

4.7CVSS5.8AI score0.00085EPSS

Exploits0References11

SUSE CVE•added 2026/02/10 12:23 a.m.•1 views

SUSE CVE-2026-25916

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13, when "Block remote images" is used, does not block SVG feImage...

4.3CVSS5.5AI score0.00039EPSS

Exploits2References3

NVD•added 2026/02/09 9:16 a.m.•2 views

CVE-2026-25916

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13, when "Block remote images" is used, does not block SVG feImage...

4.3CVSS0.00039EPSS

Exploits2References3

OSV•added 2026/02/09 9:16 a.m.•1 views

UBUNTU-CVE-2026-25916

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13, when "Block remote images" is used, does not block SVG feImage...

4.3CVSS5.8AI score0.00039EPSS

Exploits2References7

UbuntuCve•added 2026/02/09 9:16 a.m.•1 views

CVE-2026-25916

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13, when "Block remote images" is used, does not block SVG feImage...

4.3CVSS5.8AI score0.00039EPSS

Exploits2References6

Vulnrichment•added 2026/02/09 8:14 a.m.•2 views

CVE-2026-25916

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13, when "Block remote images" is used, does not block SVG feImage...

4.3CVSS5.5AI score0.00039EPSS

Exploits2References3

RedhatCVE•added 2025/12/23 9:34 p.m.•2 views

CVE-2025-68475

Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Prior to versions 1.6.13, 1.7.14, 1.8.15, and 1.9.2, a Regular Expression Denial of Service ReDoS vulnerability exists in Fedify's document loader. The HTML parsing regex at...

7.5CVSS6.8AI score0.0044EPSS

Exploits1References1

Vulnrichment•added 2025/12/22 9:31 p.m.•1 views

CVE-2025-68475 Fedify has ReDoS Vulnerability in HTML Parsing Regex

7.5CVSS6.4AI score0.0044EPSS

Exploits1References7

OSV•added 2025/12/22 9:31 p.m.•2 views

CVE-2025-68475 Fedify has ReDoS Vulnerability in HTML Parsing Regex

7.5CVSS6.6AI score0.0044EPSS

Exploits1References9

Positive Technologies•added 2025/12/22 12:0 a.m.•2 views

PT-2025-52723

Name of the Vulnerable Software and Affected Versions Fedify versions prior to 1.6.13 Fedify versions prior to 1.7.14 Fedify versions prior to 1.8.15 Fedify versions prior to 1.9.2 Description Fedify is a TypeScript library used for building federated server applications based on ActivityPub. A...

7.5CVSS6.5AI score0.0044EPSS

Exploits1References12

Tenable Nessus•added 2025/09/10 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2024-7625

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation...

5.8CVSS5.4AI score0.00296EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by