Roundcube Webmail actively exploited flaws (multiple vulnerabilities)

Vulnerability
Happening score: 36
1 unique source, 1 article

Summary

Roundcube Webmail now faces confirmed active exploitation across CVE-2025-49113 and CVE-2025-68461, exposing webmail installations to remote code execution and XSS risk. Roundcube has already shipped fixes in 1.6.12 and 1.5.12, but internet-facing deployments remain a priority target. Shadowserver previously warned that more than 84,000 installations were vulnerable, and Shodan tracks over 46,000 accessible instances. CISA placed both flaws in its KEV Catalog and required rapid federal remediation.

Timeline

  1. 23.02.2026 13:44 · 2 articles

    CISA flags Roundcube Webmail flaws and orders patching

    Legal Policy Action Update

    CISA added CVE-2025-49113 and CVE-2025-68461 in Roundcube Webmail to its Known Exploited Vulnerabilities Catalog, said the flaws are actively exploited in attacks, and ordered Federal Civilian Executive Branch agencies to secure affected systems within three weeks, by March 13. Roundcube had already released versions 1.6.12 and 1.5.12 to fix the issues in Roundcube 1.6.x and 1.5.x installations.
