CVE-2026-26079 – Roundcube Webmail CSS Injection Vulnerability

CVE ID : CVE-2026-26079

Published : Feb. 11, 2026, 5:16 a.m. | 1 hour, 7 minutes ago

Description : Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets (CSS) injection, e.g., because comments are mishandled.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…