CVE-2026-26079 | Roundcube Webmail up to 1.5.12/1.6.12 Cascading Style Sheet inclusion of functionality from untrusted control sphere

Inserito da Angelo Barbosa | Feb 11, 2026 | CVE

A vulnerability identified as problematic has been detected in Roundcube Webmail up to 1.5.12/1.6.12. Affected by this issue is some unknown functionality of the component Cascading Style Sheet Handler. This manipulation causes inclusion of functionality from untrusted control sphere.

This vulnerability is registered as CVE-2026-26079. Remote exploitation of the attack is possible. No exploit is available.

You should upgrade the affected component.

CVE-2026-26079 | Roundcube Webmail up to 1.5.12/1.6.12 Cascading Style Sheet inclusion of functionality from untrusted control sphere

Post correlati

CVE-2024-26277 | Siemens Parasolid X_T File null pointer dereference (ssa-222019)

CVE-2023-49860 | WP Project Manager Plugin up to 2.6.7 on WordPress cross site scripting

CVE-2023-25648 | ZTE ZXCLOUD iRAI permission assignment

CVE-2023-29122 | Enel X JuiceBox Pro 3.0 22kW Cellular up to 2.1.1.0_JB3VU096A incorrect ownership assignment