Lucene search
+L

83 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-48846

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, the remote image blocking feature can be bypassed via a crafted CSS var value in an e-mail...

6.5CVSS5.8AI score0.00405EPSS
Exploits0References2
NVD
NVD
added 2026/05/25 8:16 p.m.13 views

CVE-2026-48845

In Roundcube Webmail 1.6.x between 1.6.14 and 1.6.16 and 1.7.x before 1.7.1, remote image blocking was not honored for URLs pointing to local/private destinations, which may lead to information disclosure or privilege escalation via a text/html email message...

6.5CVSS0.00377EPSS
Exploits0References5
NVD
NVD
added 2026/05/25 8:16 p.m.14 views

CVE-2026-48846

In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, the remote image blocking feature can be bypassed via a crafted CSS var value in an e-mail message, which may lead to information disclosure or access-control bypass...

6.5CVSS0.00405EPSS
Exploits0References5
OSV
OSV
added 2026/05/25 8:16 p.m.8 views

DEBIAN-CVE-2026-48846

In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, the remote image blocking feature can be bypassed via a crafted CSS var value in an e-mail message, which may lead to information disclosure or access-control bypass...

6.5CVSS5.8AI score0.00405EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/05/25 8:16 p.m.12 views

CVE-2026-48846

In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, the remote image blocking feature can be bypassed via a crafted CSS var value in an e-mail message, which may lead to information disclosure or access-control bypass...

6.5CVSS5.7AI score0.00405EPSS
Exploits0References6
OSV
OSV
added 2026/05/25 8:16 p.m.13 views

UBUNTU-CVE-2026-48846

In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, the remote image blocking feature can be bypassed via a crafted CSS var value in an e-mail message, which may lead to information disclosure or access-control bypass...

6.5CVSS5.8AI score0.00405EPSS
Exploits0References7
CVE
CVE
added 2026/05/25 7:21 p.m.38 views

CVE-2026-48846

In Roundcube Webmail, versions 1.6.x before 1.6.16 and 1.7.x before 1.7.1 have a vulnerability where the remote image blocking feature can be bypassed by a crafted CSS var() value in an e-mail message. This may lead to information disclosure or an access-control bypass. Affected software: Roundcu...

6.5CVSS5.8AI score0.00405EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/25 7:21 p.m.25 views

CVE-2026-48846

In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, the remote image blocking feature can be bypassed via a crafted CSS var value in an e-mail message, which may lead to information disclosure or access-control bypass...

6.5CVSS0.00405EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/25 7:21 p.m.10 views

CVE-2026-48846

In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, the remote image blocking feature can be bypassed via a crafted CSS var value in an e-mail message, which may lead to information disclosure or access-control bypass...

6.5CVSS5.8AI score0.00405EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/25 7:21 p.m.8 views

CVE-2026-48846

In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, the remote image blocking feature can be bypassed via a crafted CSS var value in an e-mail message, which may lead to information disclosure or access-control bypass...

6.5CVSS5.8AI score0.00405EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2026/05/25 7:21 p.m.13 views

CVE-2026-48846

In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, the remote image blocking feature can be bypassed via a crafted CSS var value in an e-mail message, which may lead to information disclosure or access-control bypass...

6.5CVSS5.8AI score0.00405EPSS
Exploits0
EUVD
EUVD
added 2026/05/25 7:21 p.m.12 views

EUVD-2026-31725

In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, the remote image blocking feature can be bypassed via a crafted CSS var value in an e-mail message, which may lead to information disclosure or access-control bypass...

6.5CVSS5.8AI score0.00405EPSS
Exploits0References5
OSV
OSV
added 2026/05/25 7:21 p.m.2 views

CVE-2026-48846

In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, the remote image blocking feature can be bypassed via a crafted CSS var value in an e-mail message, which may lead to information disclosure or access-control bypass...

6.5CVSS6.6AI score0.00405EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/05/25 7:18 p.m.9 views

CVE-2026-48845

In Roundcube Webmail 1.6.x between 1.6.14 and 1.6.16 and 1.7.x before 1.7.1, remote image blocking was not honored for URLs pointing to local/private destinations, which may lead to information disclosure or privilege escalation via a text/html email message...

6.5CVSS5.8AI score0.00377EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/25 7:18 p.m.10 views

CVE-2026-48845

In Roundcube Webmail 1.6.x between 1.6.14 and 1.6.16 and 1.7.x before 1.7.1, remote image blocking was not honored for URLs pointing to local/private destinations, which may lead to information disclosure or privilege escalation via a text/html email message...

6.5CVSS5.8AI score0.00377EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/05/25 7:18 p.m.12 views

CVE-2026-48845

In Roundcube Webmail 1.6.x between 1.6.14 and 1.6.16 and 1.7.x before 1.7.1, remote image blocking was not honored for URLs pointing to local/private destinations, which may lead to information disclosure or privilege escalation via a text/html email message...

6.5CVSS5.8AI score0.00377EPSS
Exploits0
CVE
CVE
added 2026/05/25 7:18 p.m.162 views

CVE-2026-48845

CVE-2026-48845 affects Roundcube Webmail 1.6.x (1.6.14–1.6.16) and 1.7.x before 1.7.1. The issue: remote image blocking is not honored for URLs to local/private destinations in text/html emails, enabling potential information disclosure or privilege escalation. Impact is described as information ...

6.5CVSS5.8AI score0.00377EPSS
Exploits0References5
OSV
OSV
added 2026/05/25 7:18 p.m.3 views

CVE-2026-48845

In Roundcube Webmail 1.6.x between 1.6.14 and 1.6.16 and 1.7.x before 1.7.1, remote image blocking was not honored for URLs pointing to local/private destinations, which may lead to information disclosure or privilege escalation via a text/html email message...

6.5CVSS6.7AI score0.00377EPSS
Exploits0References7
EUVD
EUVD
added 2026/05/25 7:18 p.m.16 views

EUVD-2026-31720

In Roundcube Webmail 1.6.x between 1.6.14 and 1.6.16 and 1.7.x before 1.7.1, remote image blocking was not honored for URLs pointing to local/private destinations, which may lead to information disclosure or privilege escalation via a text/html email message...

6.5CVSS5.8AI score0.00377EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.14 views

Roundcube Webmail 安全漏洞

Roundcube Webmail is a browser-based open source IMAP client from Roundcube that supports address book management, message searching, spell checking, and more. A security vulnerability exists in Roundcube Webmail versions 1.6.14 through 1.6.16 and prior to 1.7.1, which stems from the remote image...

6.5CVSS5.8AI score0.00377EPSS
Exploits0References5
Rows per page
Query Builder