โ† Back to Dashboard

CVE-2026-48843

HIGH NVD
CVSS Score
7.2
Severity
HIGH
Source
NVD
Published
May 25, 2026
Description

Roundcube Webmail 1.6.x between 1.6.14 and 1.6.16,and 1.7.x before 1.7.1 has Insufficient Cascading Style Sheets (CSS) sanitization in HTML e-mail messages may lead to SSRF or Information Disclosure, e.g., if stylesheet links point to local network hosts. The issue stems from an insufficient fix for CVE-2026-35540.

View Full Details โ† Back