CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2031 matches found

OSV•added 2026/02/17 12:0 a.m.•3 views

DSA-6137-1 roundcube - security update

Bulletin has no description...

4.7CVSS4.9AI score0.00629EPSS

Exploits2

OpenVAS•added 2026/02/17 12:0 a.m.•3 views

Debian: Security Advisory (DSA-6137-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.7CVSS5.5AI score0.00629EPSS

Exploits2References2

SUSE CVE•added 2026/02/12 12:25 a.m.•4 views

SUSE CVE-2026-26079

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets CSS injection, e.g., because comments are mishandled...

4.7CVSS5.4AI score0.00292EPSS

Exploits0References3

Tenable Nessus•added 2026/02/12 12:0 a.m.•8 views

Roundcube Webmail 1.5.x < 1.5.13 / 1.6.x < 1.6.13 Multiple Vulnerabilities

The remote web server is running Roundcube Webmail version 1.5.x prior to 1.5.13 or 1.6.x prior to 1.6.13. It is, therefore, affected by multiple vulnerabilities: - A Cascading Style Sheets CSS injection vulnerability exists due to mishandling of comments. A remote attacker could exploit this to...

4.7CVSS6AI score0.00629EPSS

Exploits2References3

RedhatCVE•added 2026/02/11 6:43 a.m.•6 views

CVE-2026-26079

A flaw was found in Roundcube Webmail. This vulnerability allows for Cascading Style Sheets CSS injection, a technique where an attacker can inject malicious styling code into a web page. This occurs due to the application mishandling comments. Successful exploitation could lead to the disclosure...

4.7CVSS5.5AI score0.00292EPSS

Exploits0References12

NVD•added 2026/02/11 5:16 a.m.•6 views

CVE-2026-26079

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets CSS injection, e.g., because comments are mishandled...

4.7CVSS0.00292EPSS

Exploits0References9

OSV•added 2026/02/11 5:16 a.m.•4 views

CVE-2026-26079

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets CSS injection, e.g., because comments are mishandled...

4.7CVSS5.4AI score

Exploits0References9

OSV•added 2026/02/11 5:16 a.m.•4 views

UBUNTU-CVE-2026-26079

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets CSS injection, e.g., because comments are mishandled...

4.7CVSS5.8AI score0.00292EPSS

Exploits0References12

CVE•added 2026/02/11 4:27 a.m.•19 views

CVE-2026-26079

CVE-2026-26079 affects Roundcube Webmail prior to 1.5.13 and 1.6 prior to 1.6.13. The issue is a CSS injection caused by mishandled comments, enabling styling-based manipulation. Affected component: Roundcube Webmail frontend codebase. Root cause: improper handling of comments leading to CSS inje...

4.7CVSS5.4AI score0.00292EPSS

Exploits0References9

Cvelist•added 2026/02/11 4:27 a.m.•28 views

CVE-2026-26079

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets CSS injection, e.g., because comments are mishandled...

4.7CVSS0.00292EPSS

Exploits0References9

Vulnrichment•added 2026/02/11 4:27 a.m.•4 views

CVE-2026-26079

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets CSS injection, e.g., because comments are mishandled...

4.7CVSS5.4AI score0.00292EPSS

Exploits0References9

ATTACKERKB•added 2026/02/11 4:27 a.m.•6 views

CVE-2026-26079

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets CSS injection, e.g., because comments are mishandled...

4.7CVSS5.4AI score0.00292EPSS

Exploits0References10Affected Software1

CNNVD•added 2026/02/11 12:0 a.m.•3 views

Roundcube Webmail 安全漏洞

Roundcube Webmail is an open-source browser-based IMAP client developed by Roundcube. It supports address book management, information search, spelling checking, and more. Versions of Roundcube Webmail prior to 1.5.13 and 1.6.13 had security vulnerabilities, which were caused by improper handling...

4.7CVSS5.8AI score0.00292EPSS

Exploits0References9

Positive Technologies•added 2026/02/11 12:0 a.m.•4 views

PT-2026-7485

Name of the Vulnerable Software and Affected Versions Roundcube Webmail versions prior to 1.5.13 Roundcube Webmail versions prior to 1.6.13 Description The webmail application allows for Cascading Style Sheets CSS injection due to improper handling of comments. This can potentially lead to...

9.3CVSS5.1AI score0.52529EPSS

Exploits7References41

UbuntuCve•added 2026/02/11 12:0 a.m.•2 views

CVE-2026-26079

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets CSS injection, e.g., because comments are mishandled...

4.7CVSS5.8AI score0.00292EPSS

Exploits0References11

Tenable Nessus•added 2026/02/11 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-26079

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets CSS injection, e.g., because comments are mishandled. CVE-2026-26079 Note th...

4.7CVSS5.8AI score0.00292EPSS

Exploits0References2

SUSE CVE•added 2026/02/10 12:23 a.m.•2 views

SUSE CVE-2026-25916

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13, when "Block remote images" is used, does not block SVG feImage...

4.3CVSS5.5AI score0.00629EPSS

Exploits2References3

Tenable Nessus•added 2026/02/10 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-25916

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13, when Block remote images is used, does not block SVG feImage. CVE-2026-25916 Note that Nessus relies on t...

4.3CVSS5.9AI score0.00629EPSS

Exploits2References2