โ† Back to Dashboard

CVE-2026-48846

MEDIUM NVD
CVSS Score
6.5
Severity
MEDIUM
Source
NVD
Published
May 25, 2026
Description

In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, the remote image blocking feature can be bypassed via a crafted CSS var() value in an e-mail message, which may lead to information disclosure or access-control bypass.

View Full Details โ† Back