Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Roundcube — Vulnerabilities & Security Advisories 15

Browse all 15 CVE security advisories affecting Roundcube. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Roundcube serves as a web-based email client with IMAP support, enabling users to access and manage email through browsers. Historically, it has faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and session management issues. The application has experienced notable security incidents, including a 2020 supply chain attack where malicious code was added to its update mechanism, affecting multiple installations. Despite these challenges, regular security updates and community vigilance help mitigate risks, though its widespread deployment continues to make it a target for attackers seeking to exploit email access for further compromise.

Top products by Roundcube: Webmail Roundcubemail
CVE IDTitleCVSSSeverityPublished
CVE-2026-35545 Roundcube Webmail 安全漏洞 — WebmailCWE-669 5.3 Medium2026-04-03
CVE-2026-35544 Roundcube Webmail 安全漏洞 — WebmailCWE-669 5.3 Medium2026-04-03
CVE-2026-35543 Roundcube Webmail 安全漏洞 — WebmailCWE-669 5.3 Medium2026-04-03
CVE-2026-35542 Roundcube Webmail 安全漏洞 — WebmailCWE-669 5.3 Medium2026-04-03
CVE-2026-35541 Roundcube Webmail 安全漏洞 — WebmailCWE-843 4.2 Medium2026-04-03
CVE-2026-35540 Roundcube Webmail 安全漏洞 — WebmailCWE-669 5.4 Medium2026-04-03
CVE-2026-35539 Roundcube Webmail 跨站脚本漏洞 — WebmailCWE-79 6.1 Medium2026-04-03
CVE-2026-35538 Roundcube Webmail 参数注入漏洞 — WebmailCWE-88 3.1 Low2026-04-03
CVE-2026-35537 Roundcube Webmail 代码问题漏洞 — WebmailCWE-502 3.7 Low2026-04-03
CVE-2026-26079 Roundcube Webmail 安全漏洞 — WebmailCWE-829 4.7 Medium2026-02-11
CVE-2026-25916 Roundcube Webmail 安全漏洞 — WebmailCWE-420 4.3 Medium2026-02-09
CVE-2025-68461 Roundcube Webmail 跨站脚本漏洞 — WebmailCWE-79 7.2 High2025-12-18
CVE-2025-68460 Roundcube Webmail 安全漏洞 — WebmailCWE-116 7.2 High2025-12-18
CVE-2025-49113 Roundcube Webmail 安全漏洞 — WebmailCWE-502 9.9 Critical2025-06-02
CVE-2023-5631 Stored XSS vulnerability in Roundcube — RoundcubemailCWE-79 6.1 Medium2023-10-18

This page lists every published CVE security advisory associated with Roundcube. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.