Lucene search
K

18 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2026/06/12 12:0 a.m.5 views

Security update for roundcubemail (important)

openSUSE Security Update: Security update for roundcubemail Announcement ID: openSUSE-SU-2026:0183-1 Rating: important References: 1266329 1266331 1266332 1266333 1266334 1266335 1266336 1266337 Cross-References: CVE-2026-48842 CVE-2026-48843 CVE-2026-48844 CVE-2026-48845 CVE-2026-48846...

8.1CVSS5.9AI score0.00764EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.18 views

Fedora 44 : roundcubemail (2026-2b956d89d3)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2b956d89d3 advisory. Release 1.7.1 - Enigma: Support automatic public key lookup import using HKP v1 protocol 5314 - Managesieve: Fix error when a mail message contains...

8.1CVSS6AI score0.00764EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.10 views

openSUSE 16 Security Update : roundcubemail (openSUSE-SU-2026:20852-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20852-1 advisory. Changes in roundcubemail: - update to 1.6.16 - Fix potential too long value in IMAP ID command 10136 - Security: Fix stored XSS/HTML/CSS injecti...

8.1CVSS6AI score0.00764EPSS
Exploits1References24
Tenable Nessus
Tenable Nessus
added 2026/05/28 12:0 a.m.12 views

Debian dla-4604 : roundcube - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4604 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4604-1 [email protected]...

8.1CVSS6AI score0.00764EPSS
Exploits1References20
SUSE CVE
SUSE CVE
added 2026/05/27 10:56 a.m.13 views

SUSE CVE-2026-48844

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has insecure code evaluation logic in LDAP the autovalues option that could lead to code injection. Support for code evaluation has been removed in 1.6.16 and 1.7.1...

7.5CVSS5.8AI score0.00414EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-48844

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has insecure code evaluation logic in LDAP the autovalues option that could lead to code injection...

7.5CVSS5.9AI score0.00414EPSS
Exploits0References2
NVD
NVD
added 2026/05/25 8:16 p.m.23 views

CVE-2026-48844

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has insecure code evaluation logic in LDAP the autovalues option that could lead to code injection. Support for code evaluation has been removed in 1.6.16 and 1.7.1...

7.5CVSS0.00414EPSS
Exploits0References5
OSV
OSV
added 2026/05/25 8:16 p.m.10 views

DEBIAN-CVE-2026-48844

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has insecure code evaluation logic in LDAP the autovalues option that could lead to code injection. Support for code evaluation has been removed in 1.6.16 and 1.7.1...

7.5CVSS5.8AI score0.00414EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/05/25 8:16 p.m.15 views

CVE-2026-48844

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has insecure code evaluation logic in LDAP the autovalues option that could lead to code injection. Support for code evaluation has been removed in 1.6.16 and 1.7.1...

7.5CVSS5.8AI score0.00414EPSS
Exploits0References6
OSV
OSV
added 2026/05/25 8:16 p.m.3 views

UBUNTU-CVE-2026-48844

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has insecure code evaluation logic in LDAP the autovalues option that could lead to code injection. Support for code evaluation has been removed in 1.6.16 and 1.7.1...

7.5CVSS5.8AI score0.00414EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/05/25 7:14 p.m.7 views

CVE-2026-48844

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has insecure code evaluation logic in LDAP the autovalues option that could lead to code injection. Support for code evaluation has been removed in 1.6.16 and 1.7.1...

7.5CVSS5.8AI score0.00414EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/25 7:14 p.m.7 views

CVE-2026-48844

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has insecure code evaluation logic in LDAP the autovalues option that could lead to code injection. Support for code evaluation has been removed in 1.6.16 and 1.7.1...

7.5CVSS5.8AI score0.00414EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/25 7:14 p.m.10 views

CVE-2026-48844

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has insecure code evaluation logic in LDAP the autovalues option that could lead to code injection. Support for code evaluation has been removed in 1.6.16 and 1.7.1...

7.5CVSS5.8AI score0.00414EPSS
Exploits0References5
CVE
CVE
added 2026/05/25 7:14 p.m.126 views

CVE-2026-48844

Roundcube Webmail is affected: versions 1.6.x prior to 1.6.16 and 1.7.x prior to 1.7.1 expose insecure code evaluation logic in LDAP autovalues, enabling potential code injection. Root cause: the LDAP autovalues handling allows code evaluation where it should not. Impact is high (C, I, A all high...

7.5CVSS5.8AI score0.00414EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/25 7:14 p.m.24 views

CVE-2026-48844

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has insecure code evaluation logic in LDAP the autovalues option that could lead to code injection. Support for code evaluation has been removed in 1.6.16 and 1.7.1...

7.5CVSS0.00414EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/25 7:14 p.m.12 views

EUVD-2026-31717

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has insecure code evaluation logic in LDAP the autovalues option that could lead to code injection. Support for code evaluation has been removed in 1.6.16 and 1.7.1...

7.5CVSS5.8AI score0.00414EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

Roundcube Webmail 安全漏洞

Roundcube Webmail is an open source browser-based open source IMAP client from Roundcube that supports address book management, message searching, spell checking and more. A security vulnerability exists in Roundcube Webmail versions prior to 1.6.x 1.6.16 and 1.7.x 1.7.1 that stems from insecure...

7.5CVSS5.9AI score0.00414EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/24 12:0 a.m.19 views

PT-2026-43107

Name of the Vulnerable Software and Affected Versions Roundcube Webmail versions 1.6.x through 1.6.15 Roundcube Webmail versions 1.7.x through 1.7.0 Description Insecure code evaluation logic exists within the LDAP autovalues option, which could lead to code injection. Recommendations Update to...

7.5CVSS5.9AI score0.00414EPSS
Exploits0References20
Rows per page
Query Builder