CVE-2026-35542
A flaw was found in Roundcube Webmail. A remote attacker could bypass the remote image blocking feature by sending a specially crafted email containing a malicious background attribute within a BODY element. This vulnerability may lead to unauthorized information disclosure or an access-control...