A code-smuggling gap in the Roundcube webmailer is already under attack. Tens of thousands of systems worldwide are still vulnerable. The critical security vulnerability in Roundcube Webmail that ...

The threat associated with a critical decade-old remote code execution vulnerability in Roundcube webmail has increased sharply in recent days, with proof-of-concept (PoC) code for the bug becoming ...

The Roundcube email client has a critical remote code execution flaw tracked as CVE-2025-49113 with a CVSS score of 9.9. The vulnerability has been present in Roundmail for over a decade, allowing ...

CISOs need to ensure that web email clients and browsers are kept up to date following the discovery of cross site scripting attacks on organizations running webmail clients such as Roundcube, Horde, ...

Robbie has been an avid gamer for well over 20 years. During that time, he's watched countless franchises rise and fall. He's a big RPG fan but dabbles in a little bit of everything. Writing about ...

IT security researchers have observed attacks on a stored cross-site scripting vulnerability in Roundcube Webmail. An update is available. Attackers are attempting to abuse a security vulnerability in ...

An XSS vulnerability in Roundcube Webmail has been targeted for code execution against a governmental organization in a CIS country. A threat actor was caught attempting to exploit a recent ...

Unknown threat actors have been observed attempting to exploit a now-patched security flaw in the open-source Roundcube webmail software as part of a phishing attack designed to steal user credentials ...

Cybersecurity researchers have disclosed details of security flaws in the Roundcube webmail software that could be exploited to execute malicious JavaScript in a victim's web browser and steal ...