2 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-62643
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, insufficient Cascading Style Sheets CSS sanitization in HTML e-mail messages may lead to SSRF or...
CVE-2026-35540
A flaw was found in Roundcube Webmail. Insufficient sanitization of Cascading Style Sheets CSS in HTML e-mail messages may allow a remote attacker to perform Server-Side Request Forgery SSRF or disclose sensitive information. This can occur if malicious stylesheet links within an e-mail point to...