Lucene search
K

223 matches found

Snyk
Snyk
added 2026/04/03 6:31 a.m.4 views

Incorrect Resource Transfer Between Spheres

Overview Affected versions of this package are vulnerable to Incorrect Resource Transfer Between Spheres in the remote image blocking process. An attacker can obtain sensitive information or bypass access controls by embedding specially crafted SVG content with animate attributes in an email...

6.9CVSS5.9AI score0.00402EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/03 6:31 a.m.4 views

Incorrect Resource Transfer Between Spheres

Overview Affected versions of this package are vulnerable to Incorrect Resource Transfer Between Spheres in the remote image blocking process. An attacker can cause unauthorized remote image loading by embedding specially crafted SVG content with animate elements using attributes such as fill,...

8.2CVSS6AI score0.00329EPSS
Exploits0References2
OSV
OSV
added 2026/04/03 6:31 a.m.3 views

GHSA-J2G6-8RVG-7MF6 Roundcube Webmail: Bypass of remote image blocking via SVG content (with animate attributes) in an e-mail message

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via SVG content with animate attributes in an e-mail message. This may lead to information disclosure or access-control bypass...

5.3CVSS5.9AI score0.00402EPSS
Exploits0References9
OSV
OSV
added 2026/04/03 6:31 a.m.2 views

GHSA-W846-74JR-76CV Roundcube Webmail: Remote image blocking feature can be bypassed via SVG content in an e-mail message

An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke...

5.3CVSS5.9AI score0.00329EPSS
Exploits0References9
EUVD
EUVD
added 2026/04/03 6:31 a.m.19 views

EUVD-2026-18593

An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke...

5.3CVSS5.9AI score0.00329EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2026/04/03 6:31 a.m.6 views

Roundcube Webmail: Bypass of remote image blocking via SVG content (with animate attributes) in an e-mail message

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via SVG content with animate attributes in an e-mail message. This may lead to information disclosure or access-control bypass...

5.3CVSS5.9AI score0.00402EPSS
Exploits0References9Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/03 6:31 a.m.5 views

Roundcube: Bypass of remote image blocking via crafted BODY background attribute

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via a crafted background attribute of a BODY element in an e-mail message. This may lead to information disclosure or access-control bypass...

5.3CVSS5.9AI score0.00402EPSS
Exploits0References9Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/03 6:31 a.m.6 views

Roundcube Webmail: Remote image blocking feature can be bypassed via SVG content in an e-mail message

An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke...

8.2CVSS5.9AI score0.00329EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2026/04/03 5:16 a.m.5 views

CVE-2026-35542

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via a crafted background attribute of a BODY element in an e-mail message. This may lead to information disclosure or access-control bypass...

5.3CVSS0.00402EPSS
Exploits0References7
NVD
NVD
added 2026/04/03 5:16 a.m.11 views

CVE-2026-35545

An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke...

8.2CVSS0.00329EPSS
Exploits0References7
NVD
NVD
added 2026/04/03 5:16 a.m.9 views

CVE-2026-35543

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via SVG content with animate attributes in an e-mail message. This may lead to information disclosure or access-control bypass...

5.3CVSS0.00402EPSS
Exploits0References7
OSV
OSV
added 2026/04/03 5:16 a.m.4 views

UBUNTU-CVE-2026-35543

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via SVG content with animate attributes in an e-mail message. This may lead to information disclosure or access-control bypass...

5.3CVSS5.8AI score0.00402EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2026/04/03 5:16 a.m.4 views

CVE-2026-35542

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via a crafted background attribute of a BODY element in an e-mail message. This may lead to information disclosure or access-control bypass...

5.3CVSS5.8AI score0.00402EPSS
Exploits0References9
OSV
OSV
added 2026/04/03 5:16 a.m.3 views

UBUNTU-CVE-2026-35542

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via a crafted background attribute of a BODY element in an e-mail message. This may lead to information disclosure or access-control bypass...

5.3CVSS5.8AI score0.00402EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2026/04/03 5:16 a.m.3 views

CVE-2026-35543

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via SVG content with animate attributes in an e-mail message. This may lead to information disclosure or access-control bypass...

5.3CVSS5.8AI score0.00402EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2026/04/03 5:16 a.m.5 views

CVE-2026-35545

An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke...

8.2CVSS5.8AI score0.00329EPSS
Exploits0References8
OSV
OSV
added 2026/04/03 5:16 a.m.5 views

UBUNTU-CVE-2026-35545

An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke...

8.2CVSS5.8AI score0.00329EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/04/03 4:2 a.m.22 views

CVE-2026-35545

An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke...

5.3CVSS0.00329EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/04/03 4:2 a.m.2 views

CVE-2026-35545

An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke...

5.3CVSS5.9AI score0.00329EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/04/03 4:2 a.m.5 views

CVE-2026-35545

An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke...

5.3CVSS5.9AI score0.00329EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder