Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
Typedeb
Namespacedebian
Nameroundcube
Version1.4.15+dfsg.1-1+deb11u4
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.6.5+dfsg-1+deb12u6
Latest_non_vulnerable_version1.6.5+dfsg-1+deb12u6
Affected_by_vulnerabilities
0
url VCID-2hap-9mqs-v3b8
vulnerability_id VCID-2hap-9mqs-v3b8
summary Roundcube Webmail: Incorrect password comparison in the password plugin
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35541
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09324
published_at 2026-04-08T12:55:00Z
1
value 0.00034
scoring_system epss
scoring_elements 0.10086
published_at 2026-04-04T12:55:00Z
2
value 0.00034
scoring_system epss
scoring_elements 0.09983
published_at 2026-04-07T12:55:00Z
3
value 0.00036
scoring_system epss
scoring_elements 0.10618
published_at 2026-04-18T12:55:00Z
4
value 0.00036
scoring_system epss
scoring_elements 0.10604
published_at 2026-04-16T12:55:00Z
5
value 0.00036
scoring_system epss
scoring_elements 0.10739
published_at 2026-04-13T12:55:00Z
6
value 0.00036
scoring_system epss
scoring_elements 0.10764
published_at 2026-04-12T12:55:00Z
7
value 0.00036
scoring_system epss
scoring_elements 0.10796
published_at 2026-04-11T12:55:00Z
8
value 0.00036
scoring_system epss
scoring_elements 0.10782
published_at 2026-04-09T12:55:00Z
9
value 0.00036
scoring_system epss
scoring_elements 0.10743
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35541
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35541
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35541
2
reference_url https://github.com/roundcube/roundcubemail
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/roundcube/roundcubemail
3
reference_url https://github.com/roundcube/roundcubemail/commit/2e6a99b2a38110907ea8d3be8e59ec3d5802c394
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:52:00Z/
url https://github.com/roundcube/roundcubemail/commit/2e6a99b2a38110907ea8d3be8e59ec3d5802c394
4
reference_url https://github.com/roundcube/roundcubemail/commit/6a275676a8043083c05c961914d830b79e2490d4
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:52:00Z/
url https://github.com/roundcube/roundcubemail/commit/6a275676a8043083c05c961914d830b79e2490d4
5
reference_url https://github.com/roundcube/roundcubemail/commit/6fa2bddc59b9c9fd31cad4a9e2954a208d793dce
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:52:00Z/
url https://github.com/roundcube/roundcubemail/commit/6fa2bddc59b9c9fd31cad4a9e2954a208d793dce
6
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.5.14
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:52:00Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.5.14
7
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.6.14
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:52:00Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.6.14
8
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.7-rc5
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:52:00Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.7-rc5
9
reference_url https://roundcube.net/news/2026/03/18/security-updates-1.7-rc5-1.6.14-1.5.14
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:52:00Z/
url https://roundcube.net/news/2026/03/18/security-updates-1.7-rc5-1.6.14-1.5.14
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131182
reference_id 1131182
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131182
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-35541
reference_id CVE-2026-35541
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-35541
12
reference_url https://github.com/advisories/GHSA-46pv-mj2g-93gh
reference_id GHSA-46pv-mj2g-93gh
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-46pv-mj2g-93gh
fixed_packages
0
url pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
purl pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u6
aliases CVE-2026-35541, GHSA-46pv-mj2g-93gh
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2hap-9mqs-v3b8
1
url VCID-2nb2-9vgp-tqg9
vulnerability_id VCID-2nb2-9vgp-tqg9
summary roundcubemail: Roundcube Webmail: Information Disclosure via HTML Style Sanitizer
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68460.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68460.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68460
reference_id
reference_type
scores
0
value 0.00046
scoring_system epss
scoring_elements 0.14181
published_at 2026-04-02T12:55:00Z
1
value 0.00046
scoring_system epss
scoring_elements 0.14238
published_at 2026-04-04T12:55:00Z
2
value 0.00046
scoring_system epss
scoring_elements 0.14053
published_at 2026-04-07T12:55:00Z
3
value 0.00046
scoring_system epss
scoring_elements 0.14134
published_at 2026-04-08T12:55:00Z
4
value 0.00046
scoring_system epss
scoring_elements 0.14185
published_at 2026-04-09T12:55:00Z
5
value 0.00046
scoring_system epss
scoring_elements 0.14136
published_at 2026-04-11T12:55:00Z
6
value 0.00046
scoring_system epss
scoring_elements 0.14094
published_at 2026-04-12T12:55:00Z
7
value 0.00046
scoring_system epss
scoring_elements 0.1404
published_at 2026-04-13T12:55:00Z
8
value 0.00046
scoring_system epss
scoring_elements 0.13935
published_at 2026-04-16T12:55:00Z
9
value 0.00046
scoring_system epss
scoring_elements 0.13934
published_at 2026-04-18T12:55:00Z
10
value 0.00056
scoring_system epss
scoring_elements 0.17503
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68460
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68460
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68460
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122899
reference_id 1122899
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122899
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2423487
reference_id 2423487
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2423487
fixed_packages
0
url pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
purl pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u6
aliases CVE-2025-68460
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2nb2-9vgp-tqg9
2
url VCID-3kyu-tx4q-p3aq
vulnerability_id VCID-3kyu-tx4q-p3aq
summary 
Roundcube Webmail Vulnerable to Authenticated RCE via PHP Object Deserialization
Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49113.json
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49113.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-49113
reference_id
reference_type
scores
0
value 0.90478
scoring_system epss
scoring_elements 0.99609
published_at 2026-04-18T12:55:00Z
1
value 0.90891
scoring_system epss
scoring_elements 0.99636
published_at 2026-04-21T12:55:00Z
2
value 0.91243
scoring_system epss
scoring_elements 0.99653
published_at 2026-04-16T12:55:00Z
3
value 0.91574
scoring_system epss
scoring_elements 0.9967
published_at 2026-04-02T12:55:00Z
4
value 0.91574
scoring_system epss
scoring_elements 0.99675
published_at 2026-04-13T12:55:00Z
5
value 0.91574
scoring_system epss
scoring_elements 0.99674
published_at 2026-04-09T12:55:00Z
6
value 0.91574
scoring_system epss
scoring_elements 0.99673
published_at 2026-04-07T12:55:00Z
7
value 0.91574
scoring_system epss
scoring_elements 0.99672
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-49113
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49113
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49113
3
reference_url https://fearsoff.org/research/roundcube
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2026-02-20T20:05:40Z/
url https://fearsoff.org/research/roundcube
4
reference_url https://github.com/roundcube/roundcubemail
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/roundcube/roundcubemail
5
reference_url https://github.com/roundcube/roundcubemail/commit/0376f69e958a8fef7f6f09e352c541b4e7729c4d
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2026-02-20T20:05:40Z/
url https://github.com/roundcube/roundcubemail/commit/0376f69e958a8fef7f6f09e352c541b4e7729c4d
6
reference_url https://github.com/roundcube/roundcubemail/commit/7408f31379666124a39f9cb1018f62bc5e2dc695
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2026-02-20T20:05:40Z/
url https://github.com/roundcube/roundcubemail/commit/7408f31379666124a39f9cb1018f62bc5e2dc695
7
reference_url https://github.com/roundcube/roundcubemail/commit/c50a07d88ca38f018a0f4a0b008e9a1deb32637e
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2026-02-20T20:05:40Z/
url https://github.com/roundcube/roundcubemail/commit/c50a07d88ca38f018a0f4a0b008e9a1deb32637e
8
reference_url https://github.com/roundcube/roundcubemail/pull/9865
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2026-02-20T20:05:40Z/
url https://github.com/roundcube/roundcubemail/pull/9865
9
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.5.10
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2026-02-20T20:05:40Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.5.10
10
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.6.11
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2026-02-20T20:05:40Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.6.11
11
reference_url https://lists.debian.org/debian-lts-announce/2025/06/msg00008.html
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/06/msg00008.html
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-49113
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-49113
13
reference_url https://roundcube.net/news/2025/06/01/security-updates-1.6.11-and-1.5.10
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2026-02-20T20:05:40Z/
url https://roundcube.net/news/2025/06/01/security-updates-1.6.11-and-1.5.10
14
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-49113
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-49113
15
reference_url https://www.vicarius.io/vsociety/posts/cve-2025-49113-roundcube-mitigation-script
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2026-02-20T20:05:40Z/
url https://www.vicarius.io/vsociety/posts/cve-2025-49113-roundcube-mitigation-script
16
reference_url https://www.vicarius.io/vsociety/posts/cve-2025-49113-roundcube-vulnerability-detection
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2026-02-20T20:05:40Z/
url https://www.vicarius.io/vsociety/posts/cve-2025-49113-roundcube-vulnerability-detection
17
reference_url http://www.openwall.com/lists/oss-security/2025/06/02/3
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/06/02/3
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107073
reference_id 1107073
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107073
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2369696
reference_id 2369696
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2369696
20
reference_url https://security.archlinux.org/ASA-202506-1
reference_id ASA-202506-1
reference_type
scores
url https://security.archlinux.org/ASA-202506-1
21
reference_url https://security.archlinux.org/AVG-2891
reference_id AVG-2891
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2891
22
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52324.NA
reference_id CVE-2025-49113
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52324.NA
23
reference_url https://github.com/advisories/GHSA-8j8w-wwqc-x596
reference_id GHSA-8j8w-wwqc-x596
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8j8w-wwqc-x596
24
reference_url https://usn.ubuntu.com/7584-1/
reference_id USN-7584-1
reference_type
scores
url https://usn.ubuntu.com/7584-1/
fixed_packages
0
url pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
purl pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u6
aliases CVE-2025-49113, GHSA-8j8w-wwqc-x596
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3kyu-tx4q-p3aq
3
url VCID-4yzj-hrqv-vbcp
vulnerability_id VCID-4yzj-hrqv-vbcp
summary Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13, when "Block remote images" is used, does not block SVG feImage.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25916
reference_id
reference_type
scores
0
value 0.00034
scoring_system epss
scoring_elements 0.09829
published_at 2026-04-07T12:55:00Z
1
value 0.00034
scoring_system epss
scoring_elements 0.09789
published_at 2026-04-16T12:55:00Z
2
value 0.00034
scoring_system epss
scoring_elements 0.09906
published_at 2026-04-13T12:55:00Z
3
value 0.00034
scoring_system epss
scoring_elements 0.09931
published_at 2026-04-12T12:55:00Z
4
value 0.00034
scoring_system epss
scoring_elements 0.09968
published_at 2026-04-11T12:55:00Z
5
value 0.00034
scoring_system epss
scoring_elements 0.09956
published_at 2026-04-09T12:55:00Z
6
value 0.00034
scoring_system epss
scoring_elements 0.09904
published_at 2026-04-08T12:55:00Z
7
value 0.00039
scoring_system epss
scoring_elements 0.11763
published_at 2026-04-21T12:55:00Z
8
value 0.00039
scoring_system epss
scoring_elements 0.11641
published_at 2026-04-18T12:55:00Z
9
value 0.00041
scoring_system epss
scoring_elements 0.12448
published_at 2026-04-02T12:55:00Z
10
value 0.00041
scoring_system epss
scoring_elements 0.12491
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25916
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25916
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25916
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127447
reference_id 1127447
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127447
3
reference_url https://nullcathedral.com/posts/2026-02-08-roundcube-svg-feimage-remote-image-bypass/
reference_id 2026-02-08-roundcube-svg-feimage-remote-image-bypass
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-09T14:54:49Z/
url https://nullcathedral.com/posts/2026-02-08-roundcube-svg-feimage-remote-image-bypass/
4
reference_url https://github.com/roundcube/roundcubemail/commit/26d7677
reference_id 26d7677
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-09T14:54:49Z/
url https://github.com/roundcube/roundcubemail/commit/26d7677
5
reference_url https://news.ycombinator.com/item?id=46937012
reference_id item?id=46937012
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-09T14:54:49Z/
url https://news.ycombinator.com/item?id=46937012
fixed_packages
0
url pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
purl pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u6
aliases CVE-2026-25916
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4yzj-hrqv-vbcp
4
url VCID-5yts-xnha-4bf3
vulnerability_id VCID-5yts-xnha-4bf3
summary Roundcube Webmail: Insufficient HTML attachment sanitization in preview mode
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35539
reference_id
reference_type
scores
0
value 0.00036
scoring_system epss
scoring_elements 0.10724
published_at 2026-04-07T12:55:00Z
1
value 0.00036
scoring_system epss
scoring_elements 0.10896
published_at 2026-04-04T12:55:00Z
2
value 0.00038
scoring_system epss
scoring_elements 0.11324
published_at 2026-04-08T12:55:00Z
3
value 0.00041
scoring_system epss
scoring_elements 0.12306
published_at 2026-04-18T12:55:00Z
4
value 0.00041
scoring_system epss
scoring_elements 0.12406
published_at 2026-04-13T12:55:00Z
5
value 0.00041
scoring_system epss
scoring_elements 0.12446
published_at 2026-04-12T12:55:00Z
6
value 0.00041
scoring_system epss
scoring_elements 0.12484
published_at 2026-04-11T12:55:00Z
7
value 0.00041
scoring_system epss
scoring_elements 0.12511
published_at 2026-04-09T12:55:00Z
8
value 0.00041
scoring_system epss
scoring_elements 0.12417
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35539
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35539
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35539
2
reference_url https://github.com/roundcube/roundcubemail
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/roundcube/roundcubemail
3
reference_url https://github.com/roundcube/roundcubemail/commit/10a6d1fa8acac85c727b0a6ae4a6642bfa27bea1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:10:48Z/
url https://github.com/roundcube/roundcubemail/commit/10a6d1fa8acac85c727b0a6ae4a6642bfa27bea1
4
reference_url https://github.com/roundcube/roundcubemail/commit/1b30edf5369668c92fe91dae3d52e477c808aa4f
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:10:48Z/
url https://github.com/roundcube/roundcubemail/commit/1b30edf5369668c92fe91dae3d52e477c808aa4f
5
reference_url https://github.com/roundcube/roundcubemail/commit/d742954ccbcdee7020f8f2e7c49ce0fca5a0efab
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:10:48Z/
url https://github.com/roundcube/roundcubemail/commit/d742954ccbcdee7020f8f2e7c49ce0fca5a0efab
6
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.5.14
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:10:48Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.5.14
7
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.6.14
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:10:48Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.6.14
8
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.7-rc5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:10:48Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.7-rc5
9
reference_url https://roundcube.net/news/2026/03/18/security-updates-1.7-rc5-1.6.14-1.5.14
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:10:48Z/
url https://roundcube.net/news/2026/03/18/security-updates-1.7-rc5-1.6.14-1.5.14
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131182
reference_id 1131182
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131182
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-35539
reference_id CVE-2026-35539
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-35539
12
reference_url https://github.com/advisories/GHSA-x4q5-8j5g-hpjc
reference_id GHSA-x4q5-8j5g-hpjc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x4q5-8j5g-hpjc
fixed_packages
0
url pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
purl pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u6
aliases CVE-2026-35539, GHSA-x4q5-8j5g-hpjc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5yts-xnha-4bf3
5
url VCID-8vmm-1hvf-17ap
vulnerability_id VCID-8vmm-1hvf-17ap
summary Roundcube: Bypass of remote image blocking via crafted BODY background attribute
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35542
reference_id
reference_type
scores
0
value 0.00033
scoring_system epss
scoring_elements 0.09403
published_at 2026-04-08T12:55:00Z
1
value 0.00034
scoring_system epss
scoring_elements 0.10167
published_at 2026-04-04T12:55:00Z
2
value 0.00034
scoring_system epss
scoring_elements 0.10062
published_at 2026-04-07T12:55:00Z
3
value 0.00043
scoring_system epss
scoring_elements 0.12975
published_at 2026-04-18T12:55:00Z
4
value 0.00043
scoring_system epss
scoring_elements 0.12972
published_at 2026-04-16T12:55:00Z
5
value 0.00043
scoring_system epss
scoring_elements 0.1307
published_at 2026-04-13T12:55:00Z
6
value 0.00043
scoring_system epss
scoring_elements 0.13122
published_at 2026-04-12T12:55:00Z
7
value 0.00043
scoring_system epss
scoring_elements 0.1316
published_at 2026-04-11T12:55:00Z
8
value 0.00043
scoring_system epss
scoring_elements 0.13191
published_at 2026-04-09T12:55:00Z
9
value 0.00043
scoring_system epss
scoring_elements 0.13072
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35542
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35542
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35542
2
reference_url https://github.com/roundcube/roundcubemail
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/roundcube/roundcubemail
3
reference_url https://github.com/roundcube/roundcubemail/commit/e052328e3dc75f13adc2e314eaa4096ac21084ad
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:51:19Z/
url https://github.com/roundcube/roundcubemail/commit/e052328e3dc75f13adc2e314eaa4096ac21084ad
4
reference_url https://github.com/roundcube/roundcubemail/commit/fd0e98178db5c73eaa93d005b561874923f9b0f0
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:51:19Z/
url https://github.com/roundcube/roundcubemail/commit/fd0e98178db5c73eaa93d005b561874923f9b0f0
5
reference_url https://github.com/roundcube/roundcubemail/commit/fde14d01adc9f37893cd82b635883e516ed453f8
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:51:19Z/
url https://github.com/roundcube/roundcubemail/commit/fde14d01adc9f37893cd82b635883e516ed453f8
6
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.5.14
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:51:19Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.5.14
7
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.6.14
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:51:19Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.6.14
8
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.7-rc5
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:51:19Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.7-rc5
9
reference_url https://roundcube.net/news/2026/03/18/security-updates-1.7-rc5-1.6.14-1.5.14
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:51:19Z/
url https://roundcube.net/news/2026/03/18/security-updates-1.7-rc5-1.6.14-1.5.14
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131182
reference_id 1131182
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131182
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-35542
reference_id CVE-2026-35542
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-35542
12
reference_url https://github.com/advisories/GHSA-5hf6-crg4-fg59
reference_id GHSA-5hf6-crg4-fg59
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5hf6-crg4-fg59
fixed_packages
0
url pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
purl pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u6
aliases CVE-2026-35542, GHSA-5hf6-crg4-fg59
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8vmm-1hvf-17ap
6
url VCID-8xf2-hjfv-hybh
vulnerability_id VCID-8xf2-hjfv-hybh
summary Roundcube Webmail: Insufficient CSS sanitization in HTML e-mail messages
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35544
reference_id
reference_type
scores
0
value 0.00034
scoring_system epss
scoring_elements 0.10066
published_at 2026-04-07T12:55:00Z
1
value 0.00034
scoring_system epss
scoring_elements 0.1017
published_at 2026-04-04T12:55:00Z
2
value 0.00034
scoring_system epss
scoring_elements 0.1014
published_at 2026-04-08T12:55:00Z
3
value 0.00043
scoring_system epss
scoring_elements 0.12978
published_at 2026-04-18T12:55:00Z
4
value 0.00043
scoring_system epss
scoring_elements 0.12975
published_at 2026-04-16T12:55:00Z
5
value 0.00043
scoring_system epss
scoring_elements 0.13074
published_at 2026-04-13T12:55:00Z
6
value 0.00043
scoring_system epss
scoring_elements 0.13126
published_at 2026-04-12T12:55:00Z
7
value 0.00043
scoring_system epss
scoring_elements 0.13164
published_at 2026-04-11T12:55:00Z
8
value 0.00043
scoring_system epss
scoring_elements 0.13195
published_at 2026-04-09T12:55:00Z
9
value 0.00043
scoring_system epss
scoring_elements 0.13076
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35544
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35544
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35544
2
reference_url https://github.com/roundcube/roundcubemail
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/roundcube/roundcubemail
3
reference_url https://github.com/roundcube/roundcubemail/commit/099009b9c8e1d3c636fb9a5af72f7c2596018662
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:50:06Z/
url https://github.com/roundcube/roundcubemail/commit/099009b9c8e1d3c636fb9a5af72f7c2596018662
4
reference_url https://github.com/roundcube/roundcubemail/commit/226811a1c974271dbedca72672923abaff8191c0
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:50:06Z/
url https://github.com/roundcube/roundcubemail/commit/226811a1c974271dbedca72672923abaff8191c0
5
reference_url https://github.com/roundcube/roundcubemail/commit/57dec0c127b98e0c8e3b9c26c80049b9c4bcaea7
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:50:06Z/
url https://github.com/roundcube/roundcubemail/commit/57dec0c127b98e0c8e3b9c26c80049b9c4bcaea7
6
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.5.14
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:50:06Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.5.14
7
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.6.14
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:50:06Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.6.14
8
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.7-rc5
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:50:06Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.7-rc5
9
reference_url https://roundcube.net/news/2026/03/18/security-updates-1.7-rc5-1.6.14-1.5.14
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:50:06Z/
url https://roundcube.net/news/2026/03/18/security-updates-1.7-rc5-1.6.14-1.5.14
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131182
reference_id 1131182
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131182
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-35544
reference_id CVE-2026-35544
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-35544
12
reference_url https://github.com/advisories/GHSA-xpqh-grpw-4xmg
reference_id GHSA-xpqh-grpw-4xmg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xpqh-grpw-4xmg
fixed_packages
0
url pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
purl pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u6
aliases CVE-2026-35544, GHSA-xpqh-grpw-4xmg
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8xf2-hjfv-hybh
7
url VCID-9uv1-gqq7-3kc9
vulnerability_id VCID-9uv1-gqq7-3kc9
summary roundcubemail: Roundcube Webmail: Cross-Site Scripting (XSS) vulnerability via crafted SVG animate tag
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68461.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68461.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68461
reference_id
reference_type
scores
0
value 0.06437
scoring_system epss
scoring_elements 0.91026
published_at 2026-04-04T12:55:00Z
1
value 0.06437
scoring_system epss
scoring_elements 0.91017
published_at 2026-04-02T12:55:00Z
2
value 0.06833
scoring_system epss
scoring_elements 0.91329
published_at 2026-04-08T12:55:00Z
3
value 0.06833
scoring_system epss
scoring_elements 0.91316
published_at 2026-04-07T12:55:00Z
4
value 0.06833
scoring_system epss
scoring_elements 0.91334
published_at 2026-04-09T12:55:00Z
5
value 0.06833
scoring_system epss
scoring_elements 0.91341
published_at 2026-04-11T12:55:00Z
6
value 0.06833
scoring_system epss
scoring_elements 0.91344
published_at 2026-04-12T12:55:00Z
7
value 0.06833
scoring_system epss
scoring_elements 0.91343
published_at 2026-04-13T12:55:00Z
8
value 0.06833
scoring_system epss
scoring_elements 0.91368
published_at 2026-04-16T12:55:00Z
9
value 0.06974
scoring_system epss
scoring_elements 0.91471
published_at 2026-04-18T12:55:00Z
10
value 0.08521
scoring_system epss
scoring_elements 0.92395
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68461
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68461
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68461
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122899
reference_id 1122899
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122899
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2423507
reference_id 2423507
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2423507
5
reference_url https://github.com/roundcube/roundcubemail/commit/bfa032631c36b900e7444dfa278340b33cbf7cdb
reference_id bfa032631c36b900e7444dfa278340b33cbf7cdb
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2026-02-20T20:07:06Z/
url https://github.com/roundcube/roundcubemail/commit/bfa032631c36b900e7444dfa278340b33cbf7cdb
6
reference_url https://roundcube.net/news/2025/12/13/security-updates-1.6.12-and-1.5.12
reference_id security-updates-1.6.12-and-1.5.12
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2026-02-20T20:07:06Z/
url https://roundcube.net/news/2025/12/13/security-updates-1.6.12-and-1.5.12
7
reference_url https://usn.ubuntu.com/8097-1/
reference_id USN-8097-1
reference_type
scores
url https://usn.ubuntu.com/8097-1/
fixed_packages
0
url pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
purl pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u6
aliases CVE-2025-68461
risk_score 10.0
exploitability 2.0
weighted_severity 6.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9uv1-gqq7-3kc9
8
url VCID-ck88-1urs-2kes
vulnerability_id VCID-ck88-1urs-2kes
summary Roundcube Webmail: Bypass of remote image blocking via SVG content (with animate attributes) in an e-mail message
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35543
reference_id
reference_type
scores
0
value 0.00033
scoring_system epss
scoring_elements 0.09403
published_at 2026-04-08T12:55:00Z
1
value 0.00034
scoring_system epss
scoring_elements 0.10167
published_at 2026-04-04T12:55:00Z
2
value 0.00034
scoring_system epss
scoring_elements 0.10062
published_at 2026-04-07T12:55:00Z
3
value 0.00043
scoring_system epss
scoring_elements 0.12975
published_at 2026-04-18T12:55:00Z
4
value 0.00043
scoring_system epss
scoring_elements 0.12972
published_at 2026-04-16T12:55:00Z
5
value 0.00043
scoring_system epss
scoring_elements 0.1307
published_at 2026-04-13T12:55:00Z
6
value 0.00043
scoring_system epss
scoring_elements 0.13122
published_at 2026-04-12T12:55:00Z
7
value 0.00043
scoring_system epss
scoring_elements 0.1316
published_at 2026-04-11T12:55:00Z
8
value 0.00043
scoring_system epss
scoring_elements 0.13191
published_at 2026-04-09T12:55:00Z
9
value 0.00043
scoring_system epss
scoring_elements 0.13072
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35543
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35543
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35543
2
reference_url https://github.com/roundcube/roundcubemail
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/roundcube/roundcubemail
3
reference_url https://github.com/roundcube/roundcubemail/commit/1a63e01542bff42aaa71c00c4c279a09ef31f20c
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:50:45Z/
url https://github.com/roundcube/roundcubemail/commit/1a63e01542bff42aaa71c00c4c279a09ef31f20c
4
reference_url https://github.com/roundcube/roundcubemail/commit/39471343ee081ce1d31696c456a2c163462daae3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:50:45Z/
url https://github.com/roundcube/roundcubemail/commit/39471343ee081ce1d31696c456a2c163462daae3
5
reference_url https://github.com/roundcube/roundcubemail/commit/82ab5eca7b332fce7a174b2b987f0957a66377cd
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:50:45Z/
url https://github.com/roundcube/roundcubemail/commit/82ab5eca7b332fce7a174b2b987f0957a66377cd
6
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.5.14
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:50:45Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.5.14
7
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.6.14
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:50:45Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.6.14
8
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.7-rc5
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:50:45Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.7-rc5
9
reference_url https://roundcube.net/news/2026/03/18/security-updates-1.7-rc5-1.6.14-1.5.14
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:50:45Z/
url https://roundcube.net/news/2026/03/18/security-updates-1.7-rc5-1.6.14-1.5.14
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131182
reference_id 1131182
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131182
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-35543
reference_id CVE-2026-35543
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-35543
12
reference_url https://github.com/advisories/GHSA-j2g6-8rvg-7mf6
reference_id GHSA-j2g6-8rvg-7mf6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j2g6-8rvg-7mf6
fixed_packages
0
url pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
purl pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u6
aliases CVE-2026-35543, GHSA-j2g6-8rvg-7mf6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ck88-1urs-2kes
9
url VCID-ddfq-28qm-2fbn
vulnerability_id VCID-ddfq-28qm-2fbn
summary Roundcube Webmail: Remote image blocking feature can be bypassed via SVG content in an e-mail message
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35545
reference_id
reference_type
scores
0
value 0.00034
scoring_system epss
scoring_elements 0.10066
published_at 2026-04-07T12:55:00Z
1
value 0.00034
scoring_system epss
scoring_elements 0.1017
published_at 2026-04-04T12:55:00Z
2
value 0.00034
scoring_system epss
scoring_elements 0.09759
published_at 2026-04-08T12:55:00Z
3
value 0.00044
scoring_system epss
scoring_elements 0.13391
published_at 2026-04-18T12:55:00Z
4
value 0.00044
scoring_system epss
scoring_elements 0.13393
published_at 2026-04-16T12:55:00Z
5
value 0.00044
scoring_system epss
scoring_elements 0.13482
published_at 2026-04-13T12:55:00Z
6
value 0.00044
scoring_system epss
scoring_elements 0.13529
published_at 2026-04-12T12:55:00Z
7
value 0.00044
scoring_system epss
scoring_elements 0.13567
published_at 2026-04-11T12:55:00Z
8
value 0.00044
scoring_system epss
scoring_elements 0.13595
published_at 2026-04-09T12:55:00Z
9
value 0.00044
scoring_system epss
scoring_elements 0.13463
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35545
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35545
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35545
2
reference_url https://github.com/roundcube/roundcubemail
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/roundcube/roundcubemail
3
reference_url https://github.com/roundcube/roundcubemail/commit/7ad62de184368bf42c0f522d1aacc030f5ddcc46
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T15:35:57Z/
url https://github.com/roundcube/roundcubemail/commit/7ad62de184368bf42c0f522d1aacc030f5ddcc46
4
reference_url https://github.com/roundcube/roundcubemail/commit/9d18d524f3cc211003fc99e2e54eed09a2f3da88
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T15:35:57Z/
url https://github.com/roundcube/roundcubemail/commit/9d18d524f3cc211003fc99e2e54eed09a2f3da88
5
reference_url https://github.com/roundcube/roundcubemail/commit/fe1320b199d3a2f58351bb699c9ed4316e73221b
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T15:35:57Z/
url https://github.com/roundcube/roundcubemail/commit/fe1320b199d3a2f58351bb699c9ed4316e73221b
6
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.5.15
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T15:35:57Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.5.15
7
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.6.15
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T15:35:57Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.6.15
8
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.7-rc6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T15:35:57Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.7-rc6
9
reference_url https://roundcube.net/news/2026/03/29/security-updates-1.7-rc6-1.6.15-1.5.15
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T15:35:57Z/
url https://roundcube.net/news/2026/03/29/security-updates-1.7-rc6-1.6.15-1.5.15
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132268
reference_id 1132268
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132268
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-35545
reference_id CVE-2026-35545
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-35545
12
reference_url https://github.com/advisories/GHSA-w846-74jr-76cv
reference_id GHSA-w846-74jr-76cv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w846-74jr-76cv
fixed_packages
0
url pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
purl pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u6
aliases CVE-2026-35545, GHSA-w846-74jr-76cv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ddfq-28qm-2fbn
10
url VCID-gh6k-19h8-fqbf
vulnerability_id VCID-gh6k-19h8-fqbf
summary Roundcube Webmail: Unsanitized IMAP SEARCH command arguments
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35538
reference_id
reference_type
scores
0
value 0.00036
scoring_system epss
scoring_elements 0.10455
published_at 2026-04-07T12:55:00Z
1
value 0.00036
scoring_system epss
scoring_elements 0.10593
published_at 2026-04-04T12:55:00Z
2
value 0.00037
scoring_system epss
scoring_elements 0.11044
published_at 2026-04-08T12:55:00Z
3
value 0.00041
scoring_system epss
scoring_elements 0.12436
published_at 2026-04-18T12:55:00Z
4
value 0.00041
scoring_system epss
scoring_elements 0.12431
published_at 2026-04-16T12:55:00Z
5
value 0.00041
scoring_system epss
scoring_elements 0.12527
published_at 2026-04-13T12:55:00Z
6
value 0.00041
scoring_system epss
scoring_elements 0.12566
published_at 2026-04-12T12:55:00Z
7
value 0.00041
scoring_system epss
scoring_elements 0.12607
published_at 2026-04-11T12:55:00Z
8
value 0.00041
scoring_system epss
scoring_elements 0.1264
published_at 2026-04-09T12:55:00Z
9
value 0.00041
scoring_system epss
scoring_elements 0.12551
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35538
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35538
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35538
2
reference_url https://github.com/roundcube/roundcubemail
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/roundcube/roundcubemail
3
reference_url https://github.com/roundcube/roundcubemail/commit/5fe8a69956a9683a4269f3ad2a68e18deebf8a15
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:11:14Z/
url https://github.com/roundcube/roundcubemail/commit/5fe8a69956a9683a4269f3ad2a68e18deebf8a15
4
reference_url https://github.com/roundcube/roundcubemail/commit/7daf5aa9c190ccc75bb31672d8fee9938877fd64
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:11:14Z/
url https://github.com/roundcube/roundcubemail/commit/7daf5aa9c190ccc75bb31672d8fee9938877fd64
5
reference_url https://github.com/roundcube/roundcubemail/commit/b18a8fa8e81571914c0ff55d4e20edb459c6952c
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:11:14Z/
url https://github.com/roundcube/roundcubemail/commit/b18a8fa8e81571914c0ff55d4e20edb459c6952c
6
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.5.14
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:11:14Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.5.14
7
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.6.14
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:11:14Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.6.14
8
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.7-rc5
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:11:14Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.7-rc5
9
reference_url https://roundcube.net/news/2026/03/18/security-updates-1.7-rc5-1.6.14-1.5.14
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:11:14Z/
url https://roundcube.net/news/2026/03/18/security-updates-1.7-rc5-1.6.14-1.5.14
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131182
reference_id 1131182
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131182
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-35538
reference_id CVE-2026-35538
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-35538
12
reference_url https://github.com/advisories/GHSA-8jr8-v43g-5c57
reference_id GHSA-8jr8-v43g-5c57
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8jr8-v43g-5c57
fixed_packages
0
url pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
purl pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u6
aliases CVE-2026-35538, GHSA-8jr8-v43g-5c57
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gh6k-19h8-fqbf
11
url VCID-rdb5-bbvn-7fcq
vulnerability_id VCID-rdb5-bbvn-7fcq
summary Multiple vulnerabilities have been discovered in Roundcube, the worst of which could lead to execution of arbitrary code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-15237
reference_id
reference_type
scores
0
value 0.00139
scoring_system epss
scoring_elements 0.34045
published_at 2026-04-21T12:55:00Z
1
value 0.00139
scoring_system epss
scoring_elements 0.34057
published_at 2026-04-13T12:55:00Z
2
value 0.00139
scoring_system epss
scoring_elements 0.34092
published_at 2026-04-16T12:55:00Z
3
value 0.00139
scoring_system epss
scoring_elements 0.3382
published_at 2026-04-01T12:55:00Z
4
value 0.00139
scoring_system epss
scoring_elements 0.34158
published_at 2026-04-02T12:55:00Z
5
value 0.00139
scoring_system epss
scoring_elements 0.34191
published_at 2026-04-04T12:55:00Z
6
value 0.00139
scoring_system epss
scoring_elements 0.34051
published_at 2026-04-07T12:55:00Z
7
value 0.00139
scoring_system epss
scoring_elements 0.34094
published_at 2026-04-08T12:55:00Z
8
value 0.00139
scoring_system epss
scoring_elements 0.34125
published_at 2026-04-09T12:55:00Z
9
value 0.00139
scoring_system epss
scoring_elements 0.34123
published_at 2026-04-11T12:55:00Z
10
value 0.00139
scoring_system epss
scoring_elements 0.3408
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-15237
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15237
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15237
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/roundcube/roundcubemail/issues/6891
reference_id
reference_type
scores
url https://github.com/roundcube/roundcubemail/issues/6891
4
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFFMSO5WKEYSGMTZPZFF4ZADUJ57PRN5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFFMSO5WKEYSGMTZPZFF4ZADUJ57PRN5/
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949629
reference_id 949629
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949629
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-15237
reference_id CVE-2019-15237
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2019-15237
9
reference_url https://security.gentoo.org/glsa/202507-10
reference_id GLSA-202507-10
reference_type
scores
url https://security.gentoo.org/glsa/202507-10
fixed_packages
0
url pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
purl pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u6
aliases CVE-2019-15237
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rdb5-bbvn-7fcq
12
url VCID-ub6x-9dku-c7fk
vulnerability_id VCID-ub6x-9dku-c7fk
summary Roundcube Webmail: Insufficient CSS sanitization in HTML e-mail messages
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35540
reference_id
reference_type
scores
0
value 0.00031
scoring_system epss
scoring_elements 0.08833
published_at 2026-04-07T12:55:00Z
1
value 0.00031
scoring_system epss
scoring_elements 0.08902
published_at 2026-04-04T12:55:00Z
2
value 0.00033
scoring_system epss
scoring_elements 0.09441
published_at 2026-04-08T12:55:00Z
3
value 0.00043
scoring_system epss
scoring_elements 0.1304
published_at 2026-04-18T12:55:00Z
4
value 0.00043
scoring_system epss
scoring_elements 0.13038
published_at 2026-04-16T12:55:00Z
5
value 0.00043
scoring_system epss
scoring_elements 0.13135
published_at 2026-04-13T12:55:00Z
6
value 0.00043
scoring_system epss
scoring_elements 0.13187
published_at 2026-04-12T12:55:00Z
7
value 0.00043
scoring_system epss
scoring_elements 0.13224
published_at 2026-04-11T12:55:00Z
8
value 0.00043
scoring_system epss
scoring_elements 0.13255
published_at 2026-04-09T12:55:00Z
9
value 0.00047
scoring_system epss
scoring_elements 0.14425
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35540
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35540
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35540
2
reference_url https://github.com/roundcube/roundcubemail
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/roundcube/roundcubemail
3
reference_url https://github.com/roundcube/roundcubemail/commit/27ec6cc9cb25e1ef8b4d4ef39ce76d619caa6870
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:52:31Z/
url https://github.com/roundcube/roundcubemail/commit/27ec6cc9cb25e1ef8b4d4ef39ce76d619caa6870
4
reference_url https://github.com/roundcube/roundcubemail/commit/579b68eff90650a5c782e153debd66c765648942
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:52:31Z/
url https://github.com/roundcube/roundcubemail/commit/579b68eff90650a5c782e153debd66c765648942
5
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.6.14
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:52:31Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.6.14
6
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.7-rc5
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:52:31Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.7-rc5
7
reference_url https://roundcube.net/news/2026/03/18/security-updates-1.7-rc5-1.6.14-1.5.14
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T12:52:31Z/
url https://roundcube.net/news/2026/03/18/security-updates-1.7-rc5-1.6.14-1.5.14
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131182
reference_id 1131182
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131182
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-35540
reference_id CVE-2026-35540
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-35540
10
reference_url https://github.com/advisories/GHSA-vxg2-hhgr-37fx
reference_id GHSA-vxg2-hhgr-37fx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vxg2-hhgr-37fx
fixed_packages
0
url pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
purl pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u6
aliases CVE-2026-35540, GHSA-vxg2-hhgr-37fx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ub6x-9dku-c7fk
13
url VCID-vtz8-zmp4-xbdh
vulnerability_id VCID-vtz8-zmp4-xbdh
summary roundcubemail: Roundcube Webmail: Cascading Style Sheets (CSS) injection via mishandled comments
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26079.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26079.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-26079
reference_id
reference_type
scores
0
value 0.00074
scoring_system epss
scoring_elements 0.22382
published_at 2026-04-18T12:55:00Z
1
value 0.00074
scoring_system epss
scoring_elements 0.22386
published_at 2026-04-16T12:55:00Z
2
value 0.00074
scoring_system epss
scoring_elements 0.22368
published_at 2026-04-13T12:55:00Z
3
value 0.00074
scoring_system epss
scoring_elements 0.22423
published_at 2026-04-12T12:55:00Z
4
value 0.00074
scoring_system epss
scoring_elements 0.22465
published_at 2026-04-11T12:55:00Z
5
value 0.00074
scoring_system epss
scoring_elements 0.22443
published_at 2026-04-09T12:55:00Z
6
value 0.00074
scoring_system epss
scoring_elements 0.22307
published_at 2026-04-07T12:55:00Z
7
value 0.00074
scoring_system epss
scoring_elements 0.22389
published_at 2026-04-08T12:55:00Z
8
value 0.00085
scoring_system epss
scoring_elements 0.2465
published_at 2026-04-21T12:55:00Z
9
value 0.00089
scoring_system epss
scoring_elements 0.25439
published_at 2026-04-04T12:55:00Z
10
value 0.00089
scoring_system epss
scoring_elements 0.25403
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-26079
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26079
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127447
reference_id 1127447
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127447
5
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.5.13
reference_id 1.5.13
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-11T16:05:48Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.5.13
6
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.6.13
reference_id 1.6.13
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-11T16:05:48Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.6.13
7
reference_url https://github.com/roundcube/roundcubemail/commit/1f4c3a5af5033747f9685a8a395dbd8228d19816
reference_id 1f4c3a5af5033747f9685a8a395dbd8228d19816
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-11T16:05:48Z/
url https://github.com/roundcube/roundcubemail/commit/1f4c3a5af5033747f9685a8a395dbd8228d19816
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2438807
reference_id 2438807
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2438807
9
reference_url https://github.com/roundcube/roundcubemail/commit/2b5625f1d2ef7e050fd1ae481b2a52dc35466447
reference_id 2b5625f1d2ef7e050fd1ae481b2a52dc35466447
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-11T16:05:48Z/
url https://github.com/roundcube/roundcubemail/commit/2b5625f1d2ef7e050fd1ae481b2a52dc35466447
10
reference_url https://github.com/roundcube/roundcubemail/commit/53d75d5dfebef235a344d476b900c20c12d52b01
reference_id 53d75d5dfebef235a344d476b900c20c12d52b01
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-11T16:05:48Z/
url https://github.com/roundcube/roundcubemail/commit/53d75d5dfebef235a344d476b900c20c12d52b01
11
reference_url https://github.com/roundcube/roundcubemail/commit/5a3315cce587e0be58335d11ff9a5571c90494a5
reference_id 5a3315cce587e0be58335d11ff9a5571c90494a5
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-11T16:05:48Z/
url https://github.com/roundcube/roundcubemail/commit/5a3315cce587e0be58335d11ff9a5571c90494a5
12
reference_url https://github.com/roundcube/roundcubemail/commit/bf89cbaa5897d8ad62e8057d9a3f6babb90b7954
reference_id bf89cbaa5897d8ad62e8057d9a3f6babb90b7954
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-11T16:05:48Z/
url https://github.com/roundcube/roundcubemail/commit/bf89cbaa5897d8ad62e8057d9a3f6babb90b7954
13
reference_url https://github.com/roundcube/roundcubemail/commit/c15f5dbf093a497e19a749b20e7f8fb5a9c24cde
reference_id c15f5dbf093a497e19a749b20e7f8fb5a9c24cde
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-11T16:05:48Z/
url https://github.com/roundcube/roundcubemail/commit/c15f5dbf093a497e19a749b20e7f8fb5a9c24cde
14
reference_url https://roundcube.net/news/2026/02/08/security-updates-1.6.13-and-1.5.13
reference_id security-updates-1.6.13-and-1.5.13
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-11T16:05:48Z/
url https://roundcube.net/news/2026/02/08/security-updates-1.6.13-and-1.5.13
fixed_packages
0
url pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
purl pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.6.5%252Bdfsg-1%252Bdeb12u6
aliases CVE-2026-26079
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vtz8-zmp4-xbdh
Fixing_vulnerabilities
0
url VCID-14vp-t71a-4bh1
vulnerability_id VCID-14vp-t71a-4bh1
summary security update
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-46144
reference_id
reference_type
scores
0
value 0.01055
scoring_system epss
scoring_elements 0.77528
published_at 2026-04-01T12:55:00Z
1
value 0.01055
scoring_system epss
scoring_elements 0.77534
published_at 2026-04-02T12:55:00Z
2
value 0.01055
scoring_system epss
scoring_elements 0.7756
published_at 2026-04-04T12:55:00Z
3
value 0.01055
scoring_system epss
scoring_elements 0.77539
published_at 2026-04-07T12:55:00Z
4
value 0.01055
scoring_system epss
scoring_elements 0.7757
published_at 2026-04-08T12:55:00Z
5
value 0.01055
scoring_system epss
scoring_elements 0.77578
published_at 2026-04-09T12:55:00Z
6
value 0.01055
scoring_system epss
scoring_elements 0.77604
published_at 2026-04-11T12:55:00Z
7
value 0.01055
scoring_system epss
scoring_elements 0.77589
published_at 2026-04-12T12:55:00Z
8
value 0.01055
scoring_system epss
scoring_elements 0.77588
published_at 2026-04-13T12:55:00Z
9
value 0.01055
scoring_system epss
scoring_elements 0.77625
published_at 2026-04-16T12:55:00Z
10
value 0.01055
scoring_system epss
scoring_elements 0.77623
published_at 2026-04-18T12:55:00Z
11
value 0.01055
scoring_system epss
scoring_elements 0.77618
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-46144
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46144
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46144
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003027
reference_id 1003027
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003027
3
reference_url https://usn.ubuntu.com/USN-5182-1/
reference_id USN-USN-5182-1
reference_type
scores
url https://usn.ubuntu.com/USN-5182-1/
fixed_packages
0
url pkg:deb/debian/roundcube@1.3.17%2Bdfsg.1-1~deb10u2
purl pkg:deb/debian/roundcube@1.3.17%2Bdfsg.1-1~deb10u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14vp-t71a-4bh1
1
vulnerability VCID-2eyy-k49d-m3af
2
vulnerability VCID-2hap-9mqs-v3b8
3
vulnerability VCID-2k4q-26tk-j3gx
4
vulnerability VCID-2nb2-9vgp-tqg9
5
vulnerability VCID-36et-26h7-pke7
6
vulnerability VCID-3kyu-tx4q-p3aq
7
vulnerability VCID-4yzj-hrqv-vbcp
8
vulnerability VCID-5yts-xnha-4bf3
9
vulnerability VCID-79me-pjdn-ykgq
10
vulnerability VCID-7nn6-aywu-z7g8
11
vulnerability VCID-8vmm-1hvf-17ap
12
vulnerability VCID-8xf2-hjfv-hybh
13
vulnerability VCID-9der-5csu-nbbq
14
vulnerability VCID-9uv1-gqq7-3kc9
15
vulnerability VCID-cjkd-2jr6-n7as
16
vulnerability VCID-ck88-1urs-2kes
17
vulnerability VCID-cnkc-vcp7-6kcw
18
vulnerability VCID-ddfq-28qm-2fbn
19
vulnerability VCID-gh6k-19h8-fqbf
20
vulnerability VCID-hg1a-vx5c-hue3
21
vulnerability VCID-jck5-xymf-s3bh
22
vulnerability VCID-jqs5-8ct7-wfgk
23
vulnerability VCID-kyxz-v3sj-w3cw
24
vulnerability VCID-m4yc-ms54-zyhv
25
vulnerability VCID-ncbg-6m11-3qan
26
vulnerability VCID-qwak-6wgy-wfgs
27
vulnerability VCID-rc91-j3kf-zfch
28
vulnerability VCID-s6p1-rf35-euhy
29
vulnerability VCID-u8a4-4pe2-9kcb
30
vulnerability VCID-ub6x-9dku-c7fk
31
vulnerability VCID-vehj-ytsm-kqgz
32
vulnerability VCID-vtz8-zmp4-xbdh
33
vulnerability VCID-x9j7-98zt-6ygt
34
vulnerability VCID-xssa-fwbx-kybq
35
vulnerability VCID-ybv7-hqmj-nbgr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.3.17%252Bdfsg.1-1~deb10u2
1
url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hap-9mqs-v3b8
1
vulnerability VCID-2nb2-9vgp-tqg9
2
vulnerability VCID-3kyu-tx4q-p3aq
3
vulnerability VCID-4yzj-hrqv-vbcp
4
vulnerability VCID-5yts-xnha-4bf3
5
vulnerability VCID-8vmm-1hvf-17ap
6
vulnerability VCID-8xf2-hjfv-hybh
7
vulnerability VCID-9uv1-gqq7-3kc9
8
vulnerability VCID-ck88-1urs-2kes
9
vulnerability VCID-ddfq-28qm-2fbn
10
vulnerability VCID-gh6k-19h8-fqbf
11
vulnerability VCID-rdb5-bbvn-7fcq
12
vulnerability VCID-ub6x-9dku-c7fk
13
vulnerability VCID-vtz8-zmp4-xbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4
aliases CVE-2021-46144
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-14vp-t71a-4bh1
1
url VCID-2eyy-k49d-m3af
vulnerability_id VCID-2eyy-k49d-m3af
summary Multiple vulnerabilities have been discovered in Roundcube, the worst of which could lead to execution of arbitrary code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44026
reference_id
reference_type
scores
0
value 0.64041
scoring_system epss
scoring_elements 0.98426
published_at 2026-04-04T12:55:00Z
1
value 0.64041
scoring_system epss
scoring_elements 0.98422
published_at 2026-04-02T12:55:00Z
2
value 0.64041
scoring_system epss
scoring_elements 0.9842
published_at 2026-04-01T12:55:00Z
3
value 0.64041
scoring_system epss
scoring_elements 0.9844
published_at 2026-04-16T12:55:00Z
4
value 0.64041
scoring_system epss
scoring_elements 0.98436
published_at 2026-04-13T12:55:00Z
5
value 0.64041
scoring_system epss
scoring_elements 0.98432
published_at 2026-04-09T12:55:00Z
6
value 0.64041
scoring_system epss
scoring_elements 0.98431
published_at 2026-04-08T12:55:00Z
7
value 0.64041
scoring_system epss
scoring_elements 0.98428
published_at 2026-04-07T12:55:00Z
8
value 0.72527
scoring_system epss
scoring_elements 0.98773
published_at 2026-04-21T12:55:00Z
9
value 0.72527
scoring_system epss
scoring_elements 0.98772
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44026
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44025
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44025
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44026
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44026
3
reference_url https://bugs.debian.org/1000156
reference_id 1000156
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T19:33:07Z/
url https://bugs.debian.org/1000156
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1000156
reference_id 1000156
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1000156
5
reference_url https://github.com/roundcube/roundcubemail/commit/c8947ecb762d9e89c2091bda28d49002817263f1
reference_id c8947ecb762d9e89c2091bda28d49002817263f1
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T19:33:07Z/
url https://github.com/roundcube/roundcubemail/commit/c8947ecb762d9e89c2091bda28d49002817263f1
6
reference_url https://www.debian.org/security/2021/dsa-5013
reference_id dsa-5013
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T19:33:07Z/
url https://www.debian.org/security/2021/dsa-5013
7
reference_url https://github.com/roundcube/roundcubemail/commit/ee809bde2dcaa04857a919397808a7296681dcfa
reference_id ee809bde2dcaa04857a919397808a7296681dcfa
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T19:33:07Z/
url https://github.com/roundcube/roundcubemail/commit/ee809bde2dcaa04857a919397808a7296681dcfa
8
reference_url https://security.gentoo.org/glsa/202507-10
reference_id GLSA-202507-10
reference_type
scores
url https://security.gentoo.org/glsa/202507-10
9
reference_url https://lists.debian.org/debian-lts-announce/2021/12/msg00004.html
reference_id msg00004.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T19:33:07Z/
url https://lists.debian.org/debian-lts-announce/2021/12/msg00004.html
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDVGIZMQJ5IOM47Y3SAAJRN5VPANKTKO/
reference_id NDVGIZMQJ5IOM47Y3SAAJRN5VPANKTKO
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T19:33:07Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDVGIZMQJ5IOM47Y3SAAJRN5VPANKTKO/
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TP3Y5RXTUUOUODNG7HFEKWYNIPIT2NL4/
reference_id TP3Y5RXTUUOUODNG7HFEKWYNIPIT2NL4
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T19:33:07Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TP3Y5RXTUUOUODNG7HFEKWYNIPIT2NL4/
12
reference_url https://usn.ubuntu.com/USN-5182-1/
reference_id USN-USN-5182-1
reference_type
scores
url https://usn.ubuntu.com/USN-5182-1/
fixed_packages
0
url pkg:deb/debian/roundcube@1.3.17%2Bdfsg.1-1~deb10u2
purl pkg:deb/debian/roundcube@1.3.17%2Bdfsg.1-1~deb10u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14vp-t71a-4bh1
1
vulnerability VCID-2eyy-k49d-m3af
2
vulnerability VCID-2hap-9mqs-v3b8
3
vulnerability VCID-2k4q-26tk-j3gx
4
vulnerability VCID-2nb2-9vgp-tqg9
5
vulnerability VCID-36et-26h7-pke7
6
vulnerability VCID-3kyu-tx4q-p3aq
7
vulnerability VCID-4yzj-hrqv-vbcp
8
vulnerability VCID-5yts-xnha-4bf3
9
vulnerability VCID-79me-pjdn-ykgq
10
vulnerability VCID-7nn6-aywu-z7g8
11
vulnerability VCID-8vmm-1hvf-17ap
12
vulnerability VCID-8xf2-hjfv-hybh
13
vulnerability VCID-9der-5csu-nbbq
14
vulnerability VCID-9uv1-gqq7-3kc9
15
vulnerability VCID-cjkd-2jr6-n7as
16
vulnerability VCID-ck88-1urs-2kes
17
vulnerability VCID-cnkc-vcp7-6kcw
18
vulnerability VCID-ddfq-28qm-2fbn
19
vulnerability VCID-gh6k-19h8-fqbf
20
vulnerability VCID-hg1a-vx5c-hue3
21
vulnerability VCID-jck5-xymf-s3bh
22
vulnerability VCID-jqs5-8ct7-wfgk
23
vulnerability VCID-kyxz-v3sj-w3cw
24
vulnerability VCID-m4yc-ms54-zyhv
25
vulnerability VCID-ncbg-6m11-3qan
26
vulnerability VCID-qwak-6wgy-wfgs
27
vulnerability VCID-rc91-j3kf-zfch
28
vulnerability VCID-s6p1-rf35-euhy
29
vulnerability VCID-u8a4-4pe2-9kcb
30
vulnerability VCID-ub6x-9dku-c7fk
31
vulnerability VCID-vehj-ytsm-kqgz
32
vulnerability VCID-vtz8-zmp4-xbdh
33
vulnerability VCID-x9j7-98zt-6ygt
34
vulnerability VCID-xssa-fwbx-kybq
35
vulnerability VCID-ybv7-hqmj-nbgr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.3.17%252Bdfsg.1-1~deb10u2
1
url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hap-9mqs-v3b8
1
vulnerability VCID-2nb2-9vgp-tqg9
2
vulnerability VCID-3kyu-tx4q-p3aq
3
vulnerability VCID-4yzj-hrqv-vbcp
4
vulnerability VCID-5yts-xnha-4bf3
5
vulnerability VCID-8vmm-1hvf-17ap
6
vulnerability VCID-8xf2-hjfv-hybh
7
vulnerability VCID-9uv1-gqq7-3kc9
8
vulnerability VCID-ck88-1urs-2kes
9
vulnerability VCID-ddfq-28qm-2fbn
10
vulnerability VCID-gh6k-19h8-fqbf
11
vulnerability VCID-rdb5-bbvn-7fcq
12
vulnerability VCID-ub6x-9dku-c7fk
13
vulnerability VCID-vtz8-zmp4-xbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4
aliases CVE-2021-44026
risk_score 10.0
exploitability 2.0
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2eyy-k49d-m3af
2
url VCID-2k4q-26tk-j3gx
vulnerability_id VCID-2k4q-26tk-j3gx
summary security update
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-42010
reference_id
reference_type
scores
0
value 0.14764
scoring_system epss
scoring_elements 0.94518
published_at 2026-04-21T12:55:00Z
1
value 0.14764
scoring_system epss
scoring_elements 0.94467
published_at 2026-04-02T12:55:00Z
2
value 0.14764
scoring_system epss
scoring_elements 0.94474
published_at 2026-04-04T12:55:00Z
3
value 0.14764
scoring_system epss
scoring_elements 0.94476
published_at 2026-04-07T12:55:00Z
4
value 0.14764
scoring_system epss
scoring_elements 0.94486
published_at 2026-04-08T12:55:00Z
5
value 0.14764
scoring_system epss
scoring_elements 0.94489
published_at 2026-04-09T12:55:00Z
6
value 0.14764
scoring_system epss
scoring_elements 0.94493
published_at 2026-04-11T12:55:00Z
7
value 0.14764
scoring_system epss
scoring_elements 0.94495
published_at 2026-04-13T12:55:00Z
8
value 0.14764
scoring_system epss
scoring_elements 0.94509
published_at 2026-04-16T12:55:00Z
9
value 0.14764
scoring_system epss
scoring_elements 0.94513
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-42010
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42008
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42008
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42009
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42009
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42010
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42010
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077969
reference_id 1077969
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077969
5
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.5.8
reference_id 1.5.8
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T14:03:28Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.5.8
6
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.6.8
reference_id 1.6.8
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T14:03:28Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.6.8
7
reference_url https://sonarsource.com/blog/government-emails-at-risk-critical-cross-site-scripting-vulnerability-in-roundcube-webmail/
reference_id government-emails-at-risk-critical-cross-site-scripting-vulnerability-in-roundcube-webmail
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T14:03:28Z/
url https://sonarsource.com/blog/government-emails-at-risk-critical-cross-site-scripting-vulnerability-in-roundcube-webmail/
8
reference_url https://github.com/roundcube/roundcubemail/releases
reference_id releases
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T14:03:28Z/
url https://github.com/roundcube/roundcubemail/releases
9
reference_url https://roundcube.net/news/2024/08/04/security-updates-1.6.8-and-1.5.8
reference_id security-updates-1.6.8-and-1.5.8
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T14:03:28Z/
url https://roundcube.net/news/2024/08/04/security-updates-1.6.8-and-1.5.8
fixed_packages
0
url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hap-9mqs-v3b8
1
vulnerability VCID-2nb2-9vgp-tqg9
2
vulnerability VCID-3kyu-tx4q-p3aq
3
vulnerability VCID-4yzj-hrqv-vbcp
4
vulnerability VCID-5yts-xnha-4bf3
5
vulnerability VCID-8vmm-1hvf-17ap
6
vulnerability VCID-8xf2-hjfv-hybh
7
vulnerability VCID-9uv1-gqq7-3kc9
8
vulnerability VCID-ck88-1urs-2kes
9
vulnerability VCID-ddfq-28qm-2fbn
10
vulnerability VCID-gh6k-19h8-fqbf
11
vulnerability VCID-rdb5-bbvn-7fcq
12
vulnerability VCID-ub6x-9dku-c7fk
13
vulnerability VCID-vtz8-zmp4-xbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4
aliases CVE-2024-42010
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2k4q-26tk-j3gx
3
url VCID-36et-26h7-pke7
vulnerability_id VCID-36et-26h7-pke7
summary security update
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-42008
reference_id
reference_type
scores
0
value 0.57251
scoring_system epss
scoring_elements 0.98154
published_at 2026-04-21T12:55:00Z
1
value 0.57251
scoring_system epss
scoring_elements 0.98136
published_at 2026-04-02T12:55:00Z
2
value 0.57251
scoring_system epss
scoring_elements 0.98139
published_at 2026-04-04T12:55:00Z
3
value 0.57251
scoring_system epss
scoring_elements 0.98141
published_at 2026-04-07T12:55:00Z
4
value 0.57251
scoring_system epss
scoring_elements 0.98145
published_at 2026-04-08T12:55:00Z
5
value 0.57251
scoring_system epss
scoring_elements 0.98146
published_at 2026-04-09T12:55:00Z
6
value 0.57251
scoring_system epss
scoring_elements 0.98149
published_at 2026-04-11T12:55:00Z
7
value 0.57251
scoring_system epss
scoring_elements 0.9815
published_at 2026-04-13T12:55:00Z
8
value 0.57251
scoring_system epss
scoring_elements 0.98156
published_at 2026-04-16T12:55:00Z
9
value 0.58573
scoring_system epss
scoring_elements 0.98218
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-42008
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42008
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42008
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42009
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42009
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42010
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42010
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077969
reference_id 1077969
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077969
5
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.5.8
reference_id 1.5.8
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-07T19:56:10Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.5.8
6
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.6.8
reference_id 1.6.8
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-07T19:56:10Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.6.8
7
reference_url https://sonarsource.com/blog/government-emails-at-risk-critical-cross-site-scripting-vulnerability-in-roundcube-webmail/
reference_id government-emails-at-risk-critical-cross-site-scripting-vulnerability-in-roundcube-webmail
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-07T19:56:10Z/
url https://sonarsource.com/blog/government-emails-at-risk-critical-cross-site-scripting-vulnerability-in-roundcube-webmail/
8
reference_url https://github.com/roundcube/roundcubemail/releases
reference_id releases
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-07T19:56:10Z/
url https://github.com/roundcube/roundcubemail/releases
9
reference_url https://roundcube.net/news/2024/08/04/security-updates-1.6.8-and-1.5.8
reference_id security-updates-1.6.8-and-1.5.8
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-07T19:56:10Z/
url https://roundcube.net/news/2024/08/04/security-updates-1.6.8-and-1.5.8
fixed_packages
0
url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hap-9mqs-v3b8
1
vulnerability VCID-2nb2-9vgp-tqg9
2
vulnerability VCID-3kyu-tx4q-p3aq
3
vulnerability VCID-4yzj-hrqv-vbcp
4
vulnerability VCID-5yts-xnha-4bf3
5
vulnerability VCID-8vmm-1hvf-17ap
6
vulnerability VCID-8xf2-hjfv-hybh
7
vulnerability VCID-9uv1-gqq7-3kc9
8
vulnerability VCID-ck88-1urs-2kes
9
vulnerability VCID-ddfq-28qm-2fbn
10
vulnerability VCID-gh6k-19h8-fqbf
11
vulnerability VCID-rdb5-bbvn-7fcq
12
vulnerability VCID-ub6x-9dku-c7fk
13
vulnerability VCID-vtz8-zmp4-xbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4
aliases CVE-2024-42008
risk_score 4.2
exploitability 0.5
weighted_severity 8.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-36et-26h7-pke7
4
url VCID-79me-pjdn-ykgq
vulnerability_id VCID-79me-pjdn-ykgq
summary 
A flaw in Roundcube's handling of configuration files may allow
    arbitrary code execution, amongst other vulnerabilities.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12640
reference_id
reference_type
scores
0
value 0.22659
scoring_system epss
scoring_elements 0.95822
published_at 2026-04-01T12:55:00Z
1
value 0.22659
scoring_system epss
scoring_elements 0.95831
published_at 2026-04-02T12:55:00Z
2
value 0.22659
scoring_system epss
scoring_elements 0.95839
published_at 2026-04-04T12:55:00Z
3
value 0.22659
scoring_system epss
scoring_elements 0.95842
published_at 2026-04-07T12:55:00Z
4
value 0.22659
scoring_system epss
scoring_elements 0.9585
published_at 2026-04-08T12:55:00Z
5
value 0.22659
scoring_system epss
scoring_elements 0.95854
published_at 2026-04-09T12:55:00Z
6
value 0.22659
scoring_system epss
scoring_elements 0.95857
published_at 2026-04-11T12:55:00Z
7
value 0.22659
scoring_system epss
scoring_elements 0.95856
published_at 2026-04-12T12:55:00Z
8
value 0.22659
scoring_system epss
scoring_elements 0.95858
published_at 2026-04-13T12:55:00Z
9
value 0.22659
scoring_system epss
scoring_elements 0.95869
published_at 2026-04-16T12:55:00Z
10
value 0.22659
scoring_system epss
scoring_elements 0.95875
published_at 2026-04-18T12:55:00Z
11
value 0.22659
scoring_system epss
scoring_elements 0.95877
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12640
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12640
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12640
2
reference_url https://security.gentoo.org/glsa/202007-41
reference_id GLSA-202007-41
reference_type
scores
url https://security.gentoo.org/glsa/202007-41
3
reference_url https://usn.ubuntu.com/USN-5182-1/
reference_id USN-USN-5182-1
reference_type
scores
url https://usn.ubuntu.com/USN-5182-1/
fixed_packages
0
url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hap-9mqs-v3b8
1
vulnerability VCID-2nb2-9vgp-tqg9
2
vulnerability VCID-3kyu-tx4q-p3aq
3
vulnerability VCID-4yzj-hrqv-vbcp
4
vulnerability VCID-5yts-xnha-4bf3
5
vulnerability VCID-8vmm-1hvf-17ap
6
vulnerability VCID-8xf2-hjfv-hybh
7
vulnerability VCID-9uv1-gqq7-3kc9
8
vulnerability VCID-ck88-1urs-2kes
9
vulnerability VCID-ddfq-28qm-2fbn
10
vulnerability VCID-gh6k-19h8-fqbf
11
vulnerability VCID-rdb5-bbvn-7fcq
12
vulnerability VCID-ub6x-9dku-c7fk
13
vulnerability VCID-vtz8-zmp4-xbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4
aliases CVE-2020-12640
risk_score 0.1
exploitability 0.5
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-79me-pjdn-ykgq
5
url VCID-7nn6-aywu-z7g8
vulnerability_id VCID-7nn6-aywu-z7g8
summary security update
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13964
reference_id
reference_type
scores
0
value 0.00872
scoring_system epss
scoring_elements 0.75174
published_at 2026-04-01T12:55:00Z
1
value 0.00872
scoring_system epss
scoring_elements 0.75177
published_at 2026-04-02T12:55:00Z
2
value 0.00872
scoring_system epss
scoring_elements 0.75208
published_at 2026-04-04T12:55:00Z
3
value 0.00872
scoring_system epss
scoring_elements 0.75184
published_at 2026-04-07T12:55:00Z
4
value 0.00872
scoring_system epss
scoring_elements 0.75219
published_at 2026-04-08T12:55:00Z
5
value 0.00872
scoring_system epss
scoring_elements 0.75231
published_at 2026-04-09T12:55:00Z
6
value 0.00872
scoring_system epss
scoring_elements 0.75252
published_at 2026-04-11T12:55:00Z
7
value 0.00872
scoring_system epss
scoring_elements 0.75229
published_at 2026-04-12T12:55:00Z
8
value 0.00872
scoring_system epss
scoring_elements 0.75218
published_at 2026-04-13T12:55:00Z
9
value 0.00872
scoring_system epss
scoring_elements 0.75256
published_at 2026-04-16T12:55:00Z
10
value 0.00872
scoring_system epss
scoring_elements 0.75263
published_at 2026-04-18T12:55:00Z
11
value 0.00872
scoring_system epss
scoring_elements 0.75254
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13964
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13964
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13964
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13965
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13965
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962123
reference_id 962123
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962123
4
reference_url https://usn.ubuntu.com/USN-5182-1/
reference_id USN-USN-5182-1
reference_type
scores
url https://usn.ubuntu.com/USN-5182-1/
fixed_packages
0
url pkg:deb/debian/roundcube@1.2.3%2Bdfsg.1-4%2Bdeb9u6
purl pkg:deb/debian/roundcube@1.2.3%2Bdfsg.1-4%2Bdeb9u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14vp-t71a-4bh1
1
vulnerability VCID-2eyy-k49d-m3af
2
vulnerability VCID-2hap-9mqs-v3b8
3
vulnerability VCID-2k4q-26tk-j3gx
4
vulnerability VCID-2nb2-9vgp-tqg9
5
vulnerability VCID-36et-26h7-pke7
6
vulnerability VCID-3kyu-tx4q-p3aq
7
vulnerability VCID-4yzj-hrqv-vbcp
8
vulnerability VCID-5yts-xnha-4bf3
9
vulnerability VCID-79me-pjdn-ykgq
10
vulnerability VCID-7nn6-aywu-z7g8
11
vulnerability VCID-8vmm-1hvf-17ap
12
vulnerability VCID-8xf2-hjfv-hybh
13
vulnerability VCID-9der-5csu-nbbq
14
vulnerability VCID-9ktu-55q4-3kau
15
vulnerability VCID-9uv1-gqq7-3kc9
16
vulnerability VCID-cjkd-2jr6-n7as
17
vulnerability VCID-ck88-1urs-2kes
18
vulnerability VCID-cnkc-vcp7-6kcw
19
vulnerability VCID-ddfq-28qm-2fbn
20
vulnerability VCID-fuh5-bwaq-yyfk
21
vulnerability VCID-gh6k-19h8-fqbf
22
vulnerability VCID-hg1a-vx5c-hue3
23
vulnerability VCID-j29t-cw2h-mfd8
24
vulnerability VCID-jck5-xymf-s3bh
25
vulnerability VCID-jqs5-8ct7-wfgk
26
vulnerability VCID-kyxz-v3sj-w3cw
27
vulnerability VCID-m4yc-ms54-zyhv
28
vulnerability VCID-ncbg-6m11-3qan
29
vulnerability VCID-qwak-6wgy-wfgs
30
vulnerability VCID-rc91-j3kf-zfch
31
vulnerability VCID-s6p1-rf35-euhy
32
vulnerability VCID-ts1p-pw9v-cbh3
33
vulnerability VCID-u8a4-4pe2-9kcb
34
vulnerability VCID-ub6x-9dku-c7fk
35
vulnerability VCID-ur1a-7tdn-h3hu
36
vulnerability VCID-vehj-ytsm-kqgz
37
vulnerability VCID-vtz8-zmp4-xbdh
38
vulnerability VCID-x9j7-98zt-6ygt
39
vulnerability VCID-xssa-fwbx-kybq
40
vulnerability VCID-ybv7-hqmj-nbgr
41
vulnerability VCID-z3kp-p8ch-myhz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.2.3%252Bdfsg.1-4%252Bdeb9u6
1
url pkg:deb/debian/roundcube@1.3.17%2Bdfsg.1-1~deb10u2
purl pkg:deb/debian/roundcube@1.3.17%2Bdfsg.1-1~deb10u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14vp-t71a-4bh1
1
vulnerability VCID-2eyy-k49d-m3af
2
vulnerability VCID-2hap-9mqs-v3b8
3
vulnerability VCID-2k4q-26tk-j3gx
4
vulnerability VCID-2nb2-9vgp-tqg9
5
vulnerability VCID-36et-26h7-pke7
6
vulnerability VCID-3kyu-tx4q-p3aq
7
vulnerability VCID-4yzj-hrqv-vbcp
8
vulnerability VCID-5yts-xnha-4bf3
9
vulnerability VCID-79me-pjdn-ykgq
10
vulnerability VCID-7nn6-aywu-z7g8
11
vulnerability VCID-8vmm-1hvf-17ap
12
vulnerability VCID-8xf2-hjfv-hybh
13
vulnerability VCID-9der-5csu-nbbq
14
vulnerability VCID-9uv1-gqq7-3kc9
15
vulnerability VCID-cjkd-2jr6-n7as
16
vulnerability VCID-ck88-1urs-2kes
17
vulnerability VCID-cnkc-vcp7-6kcw
18
vulnerability VCID-ddfq-28qm-2fbn
19
vulnerability VCID-gh6k-19h8-fqbf
20
vulnerability VCID-hg1a-vx5c-hue3
21
vulnerability VCID-jck5-xymf-s3bh
22
vulnerability VCID-jqs5-8ct7-wfgk
23
vulnerability VCID-kyxz-v3sj-w3cw
24
vulnerability VCID-m4yc-ms54-zyhv
25
vulnerability VCID-ncbg-6m11-3qan
26
vulnerability VCID-qwak-6wgy-wfgs
27
vulnerability VCID-rc91-j3kf-zfch
28
vulnerability VCID-s6p1-rf35-euhy
29
vulnerability VCID-u8a4-4pe2-9kcb
30
vulnerability VCID-ub6x-9dku-c7fk
31
vulnerability VCID-vehj-ytsm-kqgz
32
vulnerability VCID-vtz8-zmp4-xbdh
33
vulnerability VCID-x9j7-98zt-6ygt
34
vulnerability VCID-xssa-fwbx-kybq
35
vulnerability VCID-ybv7-hqmj-nbgr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.3.17%252Bdfsg.1-1~deb10u2
2
url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hap-9mqs-v3b8
1
vulnerability VCID-2nb2-9vgp-tqg9
2
vulnerability VCID-3kyu-tx4q-p3aq
3
vulnerability VCID-4yzj-hrqv-vbcp
4
vulnerability VCID-5yts-xnha-4bf3
5
vulnerability VCID-8vmm-1hvf-17ap
6
vulnerability VCID-8xf2-hjfv-hybh
7
vulnerability VCID-9uv1-gqq7-3kc9
8
vulnerability VCID-ck88-1urs-2kes
9
vulnerability VCID-ddfq-28qm-2fbn
10
vulnerability VCID-gh6k-19h8-fqbf
11
vulnerability VCID-rdb5-bbvn-7fcq
12
vulnerability VCID-ub6x-9dku-c7fk
13
vulnerability VCID-vtz8-zmp4-xbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4
aliases CVE-2020-13964
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7nn6-aywu-z7g8
6
url VCID-9der-5csu-nbbq
vulnerability_id VCID-9der-5csu-nbbq
summary security update
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-42009
reference_id
reference_type
scores
0
value 0.91411
scoring_system epss
scoring_elements 0.99657
published_at 2026-04-02T12:55:00Z
1
value 0.91411
scoring_system epss
scoring_elements 0.99666
published_at 2026-04-21T12:55:00Z
2
value 0.91411
scoring_system epss
scoring_elements 0.99665
published_at 2026-04-18T12:55:00Z
3
value 0.91411
scoring_system epss
scoring_elements 0.99664
published_at 2026-04-16T12:55:00Z
4
value 0.91411
scoring_system epss
scoring_elements 0.99663
published_at 2026-04-13T12:55:00Z
5
value 0.91411
scoring_system epss
scoring_elements 0.99662
published_at 2026-04-12T12:55:00Z
6
value 0.91411
scoring_system epss
scoring_elements 0.99661
published_at 2026-04-11T12:55:00Z
7
value 0.91411
scoring_system epss
scoring_elements 0.9966
published_at 2026-04-07T12:55:00Z
8
value 0.91411
scoring_system epss
scoring_elements 0.99658
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-42009
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42008
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42008
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42009
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42009
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42010
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42010
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077969
reference_id 1077969
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077969
5
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.5.8
reference_id 1.5.8
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-08-20T03:56:09Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.5.8
6
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.6.8
reference_id 1.6.8
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-08-20T03:56:09Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.6.8
7
reference_url https://sonarsource.com/blog/government-emails-at-risk-critical-cross-site-scripting-vulnerability-in-roundcube-webmail/
reference_id government-emails-at-risk-critical-cross-site-scripting-vulnerability-in-roundcube-webmail
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-08-20T03:56:09Z/
url https://sonarsource.com/blog/government-emails-at-risk-critical-cross-site-scripting-vulnerability-in-roundcube-webmail/
8
reference_url https://github.com/roundcube/roundcubemail/releases
reference_id releases
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-08-20T03:56:09Z/
url https://github.com/roundcube/roundcubemail/releases
9
reference_url https://roundcube.net/news/2024/08/04/security-updates-1.6.8-and-1.5.8
reference_id security-updates-1.6.8-and-1.5.8
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-08-20T03:56:09Z/
url https://roundcube.net/news/2024/08/04/security-updates-1.6.8-and-1.5.8
10
reference_url https://usn.ubuntu.com/7636-1/
reference_id USN-7636-1
reference_type
scores
url https://usn.ubuntu.com/7636-1/
fixed_packages
0
url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hap-9mqs-v3b8
1
vulnerability VCID-2nb2-9vgp-tqg9
2
vulnerability VCID-3kyu-tx4q-p3aq
3
vulnerability VCID-4yzj-hrqv-vbcp
4
vulnerability VCID-5yts-xnha-4bf3
5
vulnerability VCID-8vmm-1hvf-17ap
6
vulnerability VCID-8xf2-hjfv-hybh
7
vulnerability VCID-9uv1-gqq7-3kc9
8
vulnerability VCID-ck88-1urs-2kes
9
vulnerability VCID-ddfq-28qm-2fbn
10
vulnerability VCID-gh6k-19h8-fqbf
11
vulnerability VCID-rdb5-bbvn-7fcq
12
vulnerability VCID-ub6x-9dku-c7fk
13
vulnerability VCID-vtz8-zmp4-xbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4
aliases CVE-2024-42009
risk_score 10.0
exploitability 2.0
weighted_severity 8.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9der-5csu-nbbq
7
url VCID-cjkd-2jr6-n7as
vulnerability_id VCID-cjkd-2jr6-n7as
summary roundcubemail: allows XSS via SVG animate attributes
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37383.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37383.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-37383
reference_id
reference_type
scores
0
value 0.64028
scoring_system epss
scoring_elements 0.98431
published_at 2026-04-09T12:55:00Z
1
value 0.64028
scoring_system epss
scoring_elements 0.98438
published_at 2026-04-21T12:55:00Z
2
value 0.64028
scoring_system epss
scoring_elements 0.98439
published_at 2026-04-16T12:55:00Z
3
value 0.64028
scoring_system epss
scoring_elements 0.98435
published_at 2026-04-13T12:55:00Z
4
value 0.64519
scoring_system epss
scoring_elements 0.98441
published_at 2026-04-02T12:55:00Z
5
value 0.64519
scoring_system epss
scoring_elements 0.98444
published_at 2026-04-04T12:55:00Z
6
value 0.64519
scoring_system epss
scoring_elements 0.98446
published_at 2026-04-07T12:55:00Z
7
value 0.64519
scoring_system epss
scoring_elements 0.9845
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-37383
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37383
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37384
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37384
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071474
reference_id 1071474
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071474
5
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.5.7
reference_id 1.5.7
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-25T18:32:17Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.5.7
6
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.6.7
reference_id 1.6.7
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-25T18:32:17Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.6.7
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2290826
reference_id 2290826
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2290826
8
reference_url https://github.com/roundcube/roundcubemail/commit/43aaaa528646877789ec028d87924ba1accf5242
reference_id 43aaaa528646877789ec028d87924ba1accf5242
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-25T18:32:17Z/
url https://github.com/roundcube/roundcubemail/commit/43aaaa528646877789ec028d87924ba1accf5242
9
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52173.txt
reference_id CVE-2024-37383
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52173.txt
10
reference_url https://lists.debian.org/debian-lts-announce/2024/06/msg00008.html
reference_id msg00008.html
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-25T18:32:17Z/
url https://lists.debian.org/debian-lts-announce/2024/06/msg00008.html
11
reference_url https://usn.ubuntu.com/6848-1/
reference_id USN-6848-1
reference_type
scores
url https://usn.ubuntu.com/6848-1/
fixed_packages
0
url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hap-9mqs-v3b8
1
vulnerability VCID-2nb2-9vgp-tqg9
2
vulnerability VCID-3kyu-tx4q-p3aq
3
vulnerability VCID-4yzj-hrqv-vbcp
4
vulnerability VCID-5yts-xnha-4bf3
5
vulnerability VCID-8vmm-1hvf-17ap
6
vulnerability VCID-8xf2-hjfv-hybh
7
vulnerability VCID-9uv1-gqq7-3kc9
8
vulnerability VCID-ck88-1urs-2kes
9
vulnerability VCID-ddfq-28qm-2fbn
10
vulnerability VCID-gh6k-19h8-fqbf
11
vulnerability VCID-rdb5-bbvn-7fcq
12
vulnerability VCID-ub6x-9dku-c7fk
13
vulnerability VCID-vtz8-zmp4-xbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4
aliases CVE-2024-37383
risk_score 10.0
exploitability 2.0
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cjkd-2jr6-n7as
8
url VCID-cnkc-vcp7-6kcw
vulnerability_id VCID-cnkc-vcp7-6kcw
summary 
A flaw in Roundcube's handling of configuration files may allow
    arbitrary code execution, amongst other vulnerabilities.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12626
reference_id
reference_type
scores
0
value 0.01288
scoring_system epss
scoring_elements 0.79589
published_at 2026-04-01T12:55:00Z
1
value 0.01288
scoring_system epss
scoring_elements 0.79596
published_at 2026-04-02T12:55:00Z
2
value 0.01288
scoring_system epss
scoring_elements 0.79618
published_at 2026-04-04T12:55:00Z
3
value 0.01288
scoring_system epss
scoring_elements 0.79605
published_at 2026-04-07T12:55:00Z
4
value 0.01288
scoring_system epss
scoring_elements 0.79634
published_at 2026-04-08T12:55:00Z
5
value 0.01288
scoring_system epss
scoring_elements 0.79642
published_at 2026-04-09T12:55:00Z
6
value 0.01288
scoring_system epss
scoring_elements 0.79662
published_at 2026-04-11T12:55:00Z
7
value 0.01288
scoring_system epss
scoring_elements 0.79647
published_at 2026-04-12T12:55:00Z
8
value 0.01288
scoring_system epss
scoring_elements 0.79639
published_at 2026-04-13T12:55:00Z
9
value 0.01288
scoring_system epss
scoring_elements 0.7967
published_at 2026-04-16T12:55:00Z
10
value 0.01288
scoring_system epss
scoring_elements 0.79669
published_at 2026-04-18T12:55:00Z
11
value 0.01288
scoring_system epss
scoring_elements 0.79673
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12626
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12625
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12625
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12626
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12626
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959142
reference_id 959142
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959142
4
reference_url https://security.gentoo.org/glsa/202007-41
reference_id GLSA-202007-41
reference_type
scores
url https://security.gentoo.org/glsa/202007-41
5
reference_url https://usn.ubuntu.com/USN-5182-1/
reference_id USN-USN-5182-1
reference_type
scores
url https://usn.ubuntu.com/USN-5182-1/
fixed_packages
0
url pkg:deb/debian/roundcube@1.2.3%2Bdfsg.1-4%2Bdeb9u6
purl pkg:deb/debian/roundcube@1.2.3%2Bdfsg.1-4%2Bdeb9u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14vp-t71a-4bh1
1
vulnerability VCID-2eyy-k49d-m3af
2
vulnerability VCID-2hap-9mqs-v3b8
3
vulnerability VCID-2k4q-26tk-j3gx
4
vulnerability VCID-2nb2-9vgp-tqg9
5
vulnerability VCID-36et-26h7-pke7
6
vulnerability VCID-3kyu-tx4q-p3aq
7
vulnerability VCID-4yzj-hrqv-vbcp
8
vulnerability VCID-5yts-xnha-4bf3
9
vulnerability VCID-79me-pjdn-ykgq
10
vulnerability VCID-7nn6-aywu-z7g8
11
vulnerability VCID-8vmm-1hvf-17ap
12
vulnerability VCID-8xf2-hjfv-hybh
13
vulnerability VCID-9der-5csu-nbbq
14
vulnerability VCID-9ktu-55q4-3kau
15
vulnerability VCID-9uv1-gqq7-3kc9
16
vulnerability VCID-cjkd-2jr6-n7as
17
vulnerability VCID-ck88-1urs-2kes
18
vulnerability VCID-cnkc-vcp7-6kcw
19
vulnerability VCID-ddfq-28qm-2fbn
20
vulnerability VCID-fuh5-bwaq-yyfk
21
vulnerability VCID-gh6k-19h8-fqbf
22
vulnerability VCID-hg1a-vx5c-hue3
23
vulnerability VCID-j29t-cw2h-mfd8
24
vulnerability VCID-jck5-xymf-s3bh
25
vulnerability VCID-jqs5-8ct7-wfgk
26
vulnerability VCID-kyxz-v3sj-w3cw
27
vulnerability VCID-m4yc-ms54-zyhv
28
vulnerability VCID-ncbg-6m11-3qan
29
vulnerability VCID-qwak-6wgy-wfgs
30
vulnerability VCID-rc91-j3kf-zfch
31
vulnerability VCID-s6p1-rf35-euhy
32
vulnerability VCID-ts1p-pw9v-cbh3
33
vulnerability VCID-u8a4-4pe2-9kcb
34
vulnerability VCID-ub6x-9dku-c7fk
35
vulnerability VCID-ur1a-7tdn-h3hu
36
vulnerability VCID-vehj-ytsm-kqgz
37
vulnerability VCID-vtz8-zmp4-xbdh
38
vulnerability VCID-x9j7-98zt-6ygt
39
vulnerability VCID-xssa-fwbx-kybq
40
vulnerability VCID-ybv7-hqmj-nbgr
41
vulnerability VCID-z3kp-p8ch-myhz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.2.3%252Bdfsg.1-4%252Bdeb9u6
1
url pkg:deb/debian/roundcube@1.3.17%2Bdfsg.1-1~deb10u2
purl pkg:deb/debian/roundcube@1.3.17%2Bdfsg.1-1~deb10u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14vp-t71a-4bh1
1
vulnerability VCID-2eyy-k49d-m3af
2
vulnerability VCID-2hap-9mqs-v3b8
3
vulnerability VCID-2k4q-26tk-j3gx
4
vulnerability VCID-2nb2-9vgp-tqg9
5
vulnerability VCID-36et-26h7-pke7
6
vulnerability VCID-3kyu-tx4q-p3aq
7
vulnerability VCID-4yzj-hrqv-vbcp
8
vulnerability VCID-5yts-xnha-4bf3
9
vulnerability VCID-79me-pjdn-ykgq
10
vulnerability VCID-7nn6-aywu-z7g8
11
vulnerability VCID-8vmm-1hvf-17ap
12
vulnerability VCID-8xf2-hjfv-hybh
13
vulnerability VCID-9der-5csu-nbbq
14
vulnerability VCID-9uv1-gqq7-3kc9
15
vulnerability VCID-cjkd-2jr6-n7as
16
vulnerability VCID-ck88-1urs-2kes
17
vulnerability VCID-cnkc-vcp7-6kcw
18
vulnerability VCID-ddfq-28qm-2fbn
19
vulnerability VCID-gh6k-19h8-fqbf
20
vulnerability VCID-hg1a-vx5c-hue3
21
vulnerability VCID-jck5-xymf-s3bh
22
vulnerability VCID-jqs5-8ct7-wfgk
23
vulnerability VCID-kyxz-v3sj-w3cw
24
vulnerability VCID-m4yc-ms54-zyhv
25
vulnerability VCID-ncbg-6m11-3qan
26
vulnerability VCID-qwak-6wgy-wfgs
27
vulnerability VCID-rc91-j3kf-zfch
28
vulnerability VCID-s6p1-rf35-euhy
29
vulnerability VCID-u8a4-4pe2-9kcb
30
vulnerability VCID-ub6x-9dku-c7fk
31
vulnerability VCID-vehj-ytsm-kqgz
32
vulnerability VCID-vtz8-zmp4-xbdh
33
vulnerability VCID-x9j7-98zt-6ygt
34
vulnerability VCID-xssa-fwbx-kybq
35
vulnerability VCID-ybv7-hqmj-nbgr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.3.17%252Bdfsg.1-1~deb10u2
2
url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hap-9mqs-v3b8
1
vulnerability VCID-2nb2-9vgp-tqg9
2
vulnerability VCID-3kyu-tx4q-p3aq
3
vulnerability VCID-4yzj-hrqv-vbcp
4
vulnerability VCID-5yts-xnha-4bf3
5
vulnerability VCID-8vmm-1hvf-17ap
6
vulnerability VCID-8xf2-hjfv-hybh
7
vulnerability VCID-9uv1-gqq7-3kc9
8
vulnerability VCID-ck88-1urs-2kes
9
vulnerability VCID-ddfq-28qm-2fbn
10
vulnerability VCID-gh6k-19h8-fqbf
11
vulnerability VCID-rdb5-bbvn-7fcq
12
vulnerability VCID-ub6x-9dku-c7fk
13
vulnerability VCID-vtz8-zmp4-xbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4
aliases CVE-2020-12626
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cnkc-vcp7-6kcw
9
url VCID-hg1a-vx5c-hue3
vulnerability_id VCID-hg1a-vx5c-hue3
summary 
A flaw in Roundcube's handling of configuration files may allow
    arbitrary code execution, amongst other vulnerabilities.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12641
reference_id
reference_type
scores
0
value 0.93133
scoring_system epss
scoring_elements 0.99793
published_at 2026-04-02T12:55:00Z
1
value 0.93133
scoring_system epss
scoring_elements 0.99794
published_at 2026-04-04T12:55:00Z
2
value 0.93133
scoring_system epss
scoring_elements 0.99795
published_at 2026-04-09T12:55:00Z
3
value 0.93133
scoring_system epss
scoring_elements 0.99796
published_at 2026-04-13T12:55:00Z
4
value 0.93133
scoring_system epss
scoring_elements 0.99797
published_at 2026-04-16T12:55:00Z
5
value 0.93133
scoring_system epss
scoring_elements 0.99798
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12641
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12641
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12641
2
reference_url https://github.com/roundcube/roundcubemail/compare/1.4.3...1.4.4
reference_id 1.4.3...1.4.4
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T19:53:48Z/
url https://github.com/roundcube/roundcubemail/compare/1.4.3...1.4.4
3
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.4.4
reference_id 1.4.4
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T19:53:48Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.4.4
4
reference_url https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-12641-Command%20Injection-Roundcube
reference_id CVE-2020-12641-Command%20Injection-Roundcube
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T19:53:48Z/
url https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-12641-Command%20Injection-Roundcube
5
reference_url https://github.com/roundcube/roundcubemail/commit/fcfb099477f353373c34c8a65c9035b06b364db3
reference_id fcfb099477f353373c34c8a65c9035b06b364db3
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T19:53:48Z/
url https://github.com/roundcube/roundcubemail/commit/fcfb099477f353373c34c8a65c9035b06b364db3
6
reference_url https://security.gentoo.org/glsa/202007-41
reference_id GLSA-202007-41
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T19:53:48Z/
url https://security.gentoo.org/glsa/202007-41
7
reference_url https://roundcube.net/news/2020/04/29/security-updates-1.4.4-1.3.11-and-1.2.10
reference_id security-updates-1.4.4-1.3.11-and-1.2.10
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T19:53:48Z/
url https://roundcube.net/news/2020/04/29/security-updates-1.4.4-1.3.11-and-1.2.10
8
reference_url https://usn.ubuntu.com/USN-5182-1/
reference_id USN-USN-5182-1
reference_type
scores
url https://usn.ubuntu.com/USN-5182-1/
fixed_packages
0
url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hap-9mqs-v3b8
1
vulnerability VCID-2nb2-9vgp-tqg9
2
vulnerability VCID-3kyu-tx4q-p3aq
3
vulnerability VCID-4yzj-hrqv-vbcp
4
vulnerability VCID-5yts-xnha-4bf3
5
vulnerability VCID-8vmm-1hvf-17ap
6
vulnerability VCID-8xf2-hjfv-hybh
7
vulnerability VCID-9uv1-gqq7-3kc9
8
vulnerability VCID-ck88-1urs-2kes
9
vulnerability VCID-ddfq-28qm-2fbn
10
vulnerability VCID-gh6k-19h8-fqbf
11
vulnerability VCID-rdb5-bbvn-7fcq
12
vulnerability VCID-ub6x-9dku-c7fk
13
vulnerability VCID-vtz8-zmp4-xbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4
aliases CVE-2020-12641
risk_score 10.0
exploitability 2.0
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hg1a-vx5c-hue3
10
url VCID-jck5-xymf-s3bh
vulnerability_id VCID-jck5-xymf-s3bh
summary security update
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-16145
reference_id
reference_type
scores
0
value 0.00704
scoring_system epss
scoring_elements 0.72041
published_at 2026-04-01T12:55:00Z
1
value 0.00704
scoring_system epss
scoring_elements 0.72047
published_at 2026-04-02T12:55:00Z
2
value 0.00704
scoring_system epss
scoring_elements 0.72068
published_at 2026-04-04T12:55:00Z
3
value 0.00704
scoring_system epss
scoring_elements 0.72044
published_at 2026-04-07T12:55:00Z
4
value 0.00704
scoring_system epss
scoring_elements 0.72081
published_at 2026-04-08T12:55:00Z
5
value 0.00704
scoring_system epss
scoring_elements 0.72093
published_at 2026-04-09T12:55:00Z
6
value 0.00704
scoring_system epss
scoring_elements 0.72116
published_at 2026-04-11T12:55:00Z
7
value 0.00704
scoring_system epss
scoring_elements 0.72101
published_at 2026-04-12T12:55:00Z
8
value 0.00704
scoring_system epss
scoring_elements 0.72086
published_at 2026-04-13T12:55:00Z
9
value 0.00704
scoring_system epss
scoring_elements 0.72127
published_at 2026-04-16T12:55:00Z
10
value 0.00704
scoring_system epss
scoring_elements 0.72135
published_at 2026-04-18T12:55:00Z
11
value 0.00704
scoring_system epss
scoring_elements 0.7212
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-16145
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16145
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16145
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968216
reference_id 968216
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968216
3
reference_url https://usn.ubuntu.com/USN-5182-1/
reference_id USN-USN-5182-1
reference_type
scores
url https://usn.ubuntu.com/USN-5182-1/
fixed_packages
0
url pkg:deb/debian/roundcube@1.3.17%2Bdfsg.1-1~deb10u2
purl pkg:deb/debian/roundcube@1.3.17%2Bdfsg.1-1~deb10u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14vp-t71a-4bh1
1
vulnerability VCID-2eyy-k49d-m3af
2
vulnerability VCID-2hap-9mqs-v3b8
3
vulnerability VCID-2k4q-26tk-j3gx
4
vulnerability VCID-2nb2-9vgp-tqg9
5
vulnerability VCID-36et-26h7-pke7
6
vulnerability VCID-3kyu-tx4q-p3aq
7
vulnerability VCID-4yzj-hrqv-vbcp
8
vulnerability VCID-5yts-xnha-4bf3
9
vulnerability VCID-79me-pjdn-ykgq
10
vulnerability VCID-7nn6-aywu-z7g8
11
vulnerability VCID-8vmm-1hvf-17ap
12
vulnerability VCID-8xf2-hjfv-hybh
13
vulnerability VCID-9der-5csu-nbbq
14
vulnerability VCID-9uv1-gqq7-3kc9
15
vulnerability VCID-cjkd-2jr6-n7as
16
vulnerability VCID-ck88-1urs-2kes
17
vulnerability VCID-cnkc-vcp7-6kcw
18
vulnerability VCID-ddfq-28qm-2fbn
19
vulnerability VCID-gh6k-19h8-fqbf
20
vulnerability VCID-hg1a-vx5c-hue3
21
vulnerability VCID-jck5-xymf-s3bh
22
vulnerability VCID-jqs5-8ct7-wfgk
23
vulnerability VCID-kyxz-v3sj-w3cw
24
vulnerability VCID-m4yc-ms54-zyhv
25
vulnerability VCID-ncbg-6m11-3qan
26
vulnerability VCID-qwak-6wgy-wfgs
27
vulnerability VCID-rc91-j3kf-zfch
28
vulnerability VCID-s6p1-rf35-euhy
29
vulnerability VCID-u8a4-4pe2-9kcb
30
vulnerability VCID-ub6x-9dku-c7fk
31
vulnerability VCID-vehj-ytsm-kqgz
32
vulnerability VCID-vtz8-zmp4-xbdh
33
vulnerability VCID-x9j7-98zt-6ygt
34
vulnerability VCID-xssa-fwbx-kybq
35
vulnerability VCID-ybv7-hqmj-nbgr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.3.17%252Bdfsg.1-1~deb10u2
1
url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hap-9mqs-v3b8
1
vulnerability VCID-2nb2-9vgp-tqg9
2
vulnerability VCID-3kyu-tx4q-p3aq
3
vulnerability VCID-4yzj-hrqv-vbcp
4
vulnerability VCID-5yts-xnha-4bf3
5
vulnerability VCID-8vmm-1hvf-17ap
6
vulnerability VCID-8xf2-hjfv-hybh
7
vulnerability VCID-9uv1-gqq7-3kc9
8
vulnerability VCID-ck88-1urs-2kes
9
vulnerability VCID-ddfq-28qm-2fbn
10
vulnerability VCID-gh6k-19h8-fqbf
11
vulnerability VCID-rdb5-bbvn-7fcq
12
vulnerability VCID-ub6x-9dku-c7fk
13
vulnerability VCID-vtz8-zmp4-xbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4
aliases CVE-2020-16145
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jck5-xymf-s3bh
11
url VCID-jqs5-8ct7-wfgk
vulnerability_id VCID-jqs5-8ct7-wfgk
summary Roundcube before 1.4.11 allows XSS via crafted Cascading Style Sheets (CSS) token sequences during HTML email rendering.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-26925
reference_id
reference_type
scores
0
value 0.00259
scoring_system epss
scoring_elements 0.493
published_at 2026-04-21T12:55:00Z
1
value 0.00259
scoring_system epss
scoring_elements 0.49227
published_at 2026-04-01T12:55:00Z
2
value 0.00259
scoring_system epss
scoring_elements 0.49258
published_at 2026-04-02T12:55:00Z
3
value 0.00259
scoring_system epss
scoring_elements 0.49286
published_at 2026-04-04T12:55:00Z
4
value 0.00259
scoring_system epss
scoring_elements 0.49238
published_at 2026-04-07T12:55:00Z
5
value 0.00259
scoring_system epss
scoring_elements 0.49293
published_at 2026-04-08T12:55:00Z
6
value 0.00259
scoring_system epss
scoring_elements 0.49289
published_at 2026-04-09T12:55:00Z
7
value 0.00259
scoring_system epss
scoring_elements 0.49307
published_at 2026-04-11T12:55:00Z
8
value 0.00259
scoring_system epss
scoring_elements 0.49281
published_at 2026-04-12T12:55:00Z
9
value 0.00259
scoring_system epss
scoring_elements 0.49287
published_at 2026-04-13T12:55:00Z
10
value 0.00259
scoring_system epss
scoring_elements 0.49334
published_at 2026-04-16T12:55:00Z
11
value 0.00259
scoring_system epss
scoring_elements 0.49331
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-26925
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26925
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26925
2
reference_url https://security.archlinux.org/ASA-202102-27
reference_id ASA-202102-27
reference_type
scores
url https://security.archlinux.org/ASA-202102-27
3
reference_url https://security.archlinux.org/AVG-1551
reference_id AVG-1551
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1551
fixed_packages
0
url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hap-9mqs-v3b8
1
vulnerability VCID-2nb2-9vgp-tqg9
2
vulnerability VCID-3kyu-tx4q-p3aq
3
vulnerability VCID-4yzj-hrqv-vbcp
4
vulnerability VCID-5yts-xnha-4bf3
5
vulnerability VCID-8vmm-1hvf-17ap
6
vulnerability VCID-8xf2-hjfv-hybh
7
vulnerability VCID-9uv1-gqq7-3kc9
8
vulnerability VCID-ck88-1urs-2kes
9
vulnerability VCID-ddfq-28qm-2fbn
10
vulnerability VCID-gh6k-19h8-fqbf
11
vulnerability VCID-rdb5-bbvn-7fcq
12
vulnerability VCID-ub6x-9dku-c7fk
13
vulnerability VCID-vtz8-zmp4-xbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4
aliases CVE-2021-26925
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jqs5-8ct7-wfgk
12
url VCID-kyxz-v3sj-w3cw
vulnerability_id VCID-kyxz-v3sj-w3cw
summary Cross Site Scripting (XSS) vulnerability in Roundcube Mail <=1.4.4 via smtp config in /installer/test.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-18671
reference_id
reference_type
scores
0
value 0.00386
scoring_system epss
scoring_elements 0.59664
published_at 2026-04-01T12:55:00Z
1
value 0.00386
scoring_system epss
scoring_elements 0.59737
published_at 2026-04-02T12:55:00Z
2
value 0.00386
scoring_system epss
scoring_elements 0.59762
published_at 2026-04-04T12:55:00Z
3
value 0.00386
scoring_system epss
scoring_elements 0.59732
published_at 2026-04-07T12:55:00Z
4
value 0.00386
scoring_system epss
scoring_elements 0.59784
published_at 2026-04-08T12:55:00Z
5
value 0.00386
scoring_system epss
scoring_elements 0.59797
published_at 2026-04-09T12:55:00Z
6
value 0.00386
scoring_system epss
scoring_elements 0.59817
published_at 2026-04-11T12:55:00Z
7
value 0.00386
scoring_system epss
scoring_elements 0.59801
published_at 2026-04-12T12:55:00Z
8
value 0.00386
scoring_system epss
scoring_elements 0.59783
published_at 2026-04-13T12:55:00Z
9
value 0.00386
scoring_system epss
scoring_elements 0.5982
published_at 2026-04-16T12:55:00Z
10
value 0.00386
scoring_system epss
scoring_elements 0.59827
published_at 2026-04-18T12:55:00Z
11
value 0.00386
scoring_system epss
scoring_elements 0.5981
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-18671
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18671
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18671
fixed_packages
0
url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hap-9mqs-v3b8
1
vulnerability VCID-2nb2-9vgp-tqg9
2
vulnerability VCID-3kyu-tx4q-p3aq
3
vulnerability VCID-4yzj-hrqv-vbcp
4
vulnerability VCID-5yts-xnha-4bf3
5
vulnerability VCID-8vmm-1hvf-17ap
6
vulnerability VCID-8xf2-hjfv-hybh
7
vulnerability VCID-9uv1-gqq7-3kc9
8
vulnerability VCID-ck88-1urs-2kes
9
vulnerability VCID-ddfq-28qm-2fbn
10
vulnerability VCID-gh6k-19h8-fqbf
11
vulnerability VCID-rdb5-bbvn-7fcq
12
vulnerability VCID-ub6x-9dku-c7fk
13
vulnerability VCID-vtz8-zmp4-xbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4
aliases CVE-2020-18671
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kyxz-v3sj-w3cw
13
url VCID-m4yc-ms54-zyhv
vulnerability_id VCID-m4yc-ms54-zyhv
summary security update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13965.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13965.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13965
reference_id
reference_type
scores
0
value 0.71819
scoring_system epss
scoring_elements 0.98728
published_at 2026-04-02T12:55:00Z
1
value 0.71819
scoring_system epss
scoring_elements 0.98742
published_at 2026-04-21T12:55:00Z
2
value 0.71819
scoring_system epss
scoring_elements 0.98732
published_at 2026-04-04T12:55:00Z
3
value 0.71819
scoring_system epss
scoring_elements 0.98735
published_at 2026-04-09T12:55:00Z
4
value 0.71819
scoring_system epss
scoring_elements 0.98736
published_at 2026-04-08T12:55:00Z
5
value 0.71819
scoring_system epss
scoring_elements 0.98738
published_at 2026-04-12T12:55:00Z
6
value 0.71819
scoring_system epss
scoring_elements 0.98739
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13965
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13964
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13964
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13965
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13965
4
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.3.12
reference_id 1.3.12
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T15:33:41Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.3.12
5
reference_url https://github.com/roundcube/roundcubemail/compare/1.4.4...1.4.5
reference_id 1.4.4...1.4.5
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T15:33:41Z/
url https://github.com/roundcube/roundcubemail/compare/1.4.4...1.4.5
6
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.4.5
reference_id 1.4.5
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T15:33:41Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.4.5
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1848338
reference_id 1848338
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1848338
8
reference_url https://github.com/roundcube/roundcubemail/commit/884eb611627ef2bd5a2e20e02009ebb1eceecdc3
reference_id 884eb611627ef2bd5a2e20e02009ebb1eceecdc3
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T15:33:41Z/
url https://github.com/roundcube/roundcubemail/commit/884eb611627ef2bd5a2e20e02009ebb1eceecdc3
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962124
reference_id 962124
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962124
10
reference_url https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-13965-Cross%20Site-Scripting%20via%20Malicious%20XML%20Attachment-Roundcube
reference_id CVE-2020-13965-Cross%20Site-Scripting%20via%20Malicious%20XML%20Attachment-Roundcube
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T15:33:41Z/
url https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-13965-Cross%20Site-Scripting%20via%20Malicious%20XML%20Attachment-Roundcube
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLESQ4LPJGMSWHQ4TBRTVQRDG7IXAZCW/
reference_id DLESQ4LPJGMSWHQ4TBRTVQRDG7IXAZCW
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T15:33:41Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLESQ4LPJGMSWHQ4TBRTVQRDG7IXAZCW/
12
reference_url https://www.debian.org/security/2020/dsa-4700
reference_id dsa-4700
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T15:33:41Z/
url https://www.debian.org/security/2020/dsa-4700
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ODPJXBHZ32QSP4MYT2OBCALYXSUJ47SK/
reference_id ODPJXBHZ32QSP4MYT2OBCALYXSUJ47SK
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T15:33:41Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ODPJXBHZ32QSP4MYT2OBCALYXSUJ47SK/
14
reference_url https://roundcube.net/news/2020/06/02/security-updates-1.4.5-and-1.3.12
reference_id security-updates-1.4.5-and-1.3.12
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T15:33:41Z/
url https://roundcube.net/news/2020/06/02/security-updates-1.4.5-and-1.3.12
15
reference_url https://usn.ubuntu.com/USN-5182-1/
reference_id USN-USN-5182-1
reference_type
scores
url https://usn.ubuntu.com/USN-5182-1/
fixed_packages
0
url pkg:deb/debian/roundcube@1.2.3%2Bdfsg.1-4%2Bdeb9u6
purl pkg:deb/debian/roundcube@1.2.3%2Bdfsg.1-4%2Bdeb9u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14vp-t71a-4bh1
1
vulnerability VCID-2eyy-k49d-m3af
2
vulnerability VCID-2hap-9mqs-v3b8
3
vulnerability VCID-2k4q-26tk-j3gx
4
vulnerability VCID-2nb2-9vgp-tqg9
5
vulnerability VCID-36et-26h7-pke7
6
vulnerability VCID-3kyu-tx4q-p3aq
7
vulnerability VCID-4yzj-hrqv-vbcp
8
vulnerability VCID-5yts-xnha-4bf3
9
vulnerability VCID-79me-pjdn-ykgq
10
vulnerability VCID-7nn6-aywu-z7g8
11
vulnerability VCID-8vmm-1hvf-17ap
12
vulnerability VCID-8xf2-hjfv-hybh
13
vulnerability VCID-9der-5csu-nbbq
14
vulnerability VCID-9ktu-55q4-3kau
15
vulnerability VCID-9uv1-gqq7-3kc9
16
vulnerability VCID-cjkd-2jr6-n7as
17
vulnerability VCID-ck88-1urs-2kes
18
vulnerability VCID-cnkc-vcp7-6kcw
19
vulnerability VCID-ddfq-28qm-2fbn
20
vulnerability VCID-fuh5-bwaq-yyfk
21
vulnerability VCID-gh6k-19h8-fqbf
22
vulnerability VCID-hg1a-vx5c-hue3
23
vulnerability VCID-j29t-cw2h-mfd8
24
vulnerability VCID-jck5-xymf-s3bh
25
vulnerability VCID-jqs5-8ct7-wfgk
26
vulnerability VCID-kyxz-v3sj-w3cw
27
vulnerability VCID-m4yc-ms54-zyhv
28
vulnerability VCID-ncbg-6m11-3qan
29
vulnerability VCID-qwak-6wgy-wfgs
30
vulnerability VCID-rc91-j3kf-zfch
31
vulnerability VCID-s6p1-rf35-euhy
32
vulnerability VCID-ts1p-pw9v-cbh3
33
vulnerability VCID-u8a4-4pe2-9kcb
34
vulnerability VCID-ub6x-9dku-c7fk
35
vulnerability VCID-ur1a-7tdn-h3hu
36
vulnerability VCID-vehj-ytsm-kqgz
37
vulnerability VCID-vtz8-zmp4-xbdh
38
vulnerability VCID-x9j7-98zt-6ygt
39
vulnerability VCID-xssa-fwbx-kybq
40
vulnerability VCID-ybv7-hqmj-nbgr
41
vulnerability VCID-z3kp-p8ch-myhz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.2.3%252Bdfsg.1-4%252Bdeb9u6
1
url pkg:deb/debian/roundcube@1.3.17%2Bdfsg.1-1~deb10u2
purl pkg:deb/debian/roundcube@1.3.17%2Bdfsg.1-1~deb10u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14vp-t71a-4bh1
1
vulnerability VCID-2eyy-k49d-m3af
2
vulnerability VCID-2hap-9mqs-v3b8
3
vulnerability VCID-2k4q-26tk-j3gx
4
vulnerability VCID-2nb2-9vgp-tqg9
5
vulnerability VCID-36et-26h7-pke7
6
vulnerability VCID-3kyu-tx4q-p3aq
7
vulnerability VCID-4yzj-hrqv-vbcp
8
vulnerability VCID-5yts-xnha-4bf3
9
vulnerability VCID-79me-pjdn-ykgq
10
vulnerability VCID-7nn6-aywu-z7g8
11
vulnerability VCID-8vmm-1hvf-17ap
12
vulnerability VCID-8xf2-hjfv-hybh
13
vulnerability VCID-9der-5csu-nbbq
14
vulnerability VCID-9uv1-gqq7-3kc9
15
vulnerability VCID-cjkd-2jr6-n7as
16
vulnerability VCID-ck88-1urs-2kes
17
vulnerability VCID-cnkc-vcp7-6kcw
18
vulnerability VCID-ddfq-28qm-2fbn
19
vulnerability VCID-gh6k-19h8-fqbf
20
vulnerability VCID-hg1a-vx5c-hue3
21
vulnerability VCID-jck5-xymf-s3bh
22
vulnerability VCID-jqs5-8ct7-wfgk
23
vulnerability VCID-kyxz-v3sj-w3cw
24
vulnerability VCID-m4yc-ms54-zyhv
25
vulnerability VCID-ncbg-6m11-3qan
26
vulnerability VCID-qwak-6wgy-wfgs
27
vulnerability VCID-rc91-j3kf-zfch
28
vulnerability VCID-s6p1-rf35-euhy
29
vulnerability VCID-u8a4-4pe2-9kcb
30
vulnerability VCID-ub6x-9dku-c7fk
31
vulnerability VCID-vehj-ytsm-kqgz
32
vulnerability VCID-vtz8-zmp4-xbdh
33
vulnerability VCID-x9j7-98zt-6ygt
34
vulnerability VCID-xssa-fwbx-kybq
35
vulnerability VCID-ybv7-hqmj-nbgr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.3.17%252Bdfsg.1-1~deb10u2
2
url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hap-9mqs-v3b8
1
vulnerability VCID-2nb2-9vgp-tqg9
2
vulnerability VCID-3kyu-tx4q-p3aq
3
vulnerability VCID-4yzj-hrqv-vbcp
4
vulnerability VCID-5yts-xnha-4bf3
5
vulnerability VCID-8vmm-1hvf-17ap
6
vulnerability VCID-8xf2-hjfv-hybh
7
vulnerability VCID-9uv1-gqq7-3kc9
8
vulnerability VCID-ck88-1urs-2kes
9
vulnerability VCID-ddfq-28qm-2fbn
10
vulnerability VCID-gh6k-19h8-fqbf
11
vulnerability VCID-rdb5-bbvn-7fcq
12
vulnerability VCID-ub6x-9dku-c7fk
13
vulnerability VCID-vtz8-zmp4-xbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4
aliases CVE-2020-13965
risk_score 10.0
exploitability 2.0
weighted_severity 5.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m4yc-ms54-zyhv
14
url VCID-ncbg-6m11-3qan
vulnerability_id VCID-ncbg-6m11-3qan
summary security update
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-47272
reference_id
reference_type
scores
0
value 0.00498
scoring_system epss
scoring_elements 0.65845
published_at 2026-04-02T12:55:00Z
1
value 0.00498
scoring_system epss
scoring_elements 0.65875
published_at 2026-04-04T12:55:00Z
2
value 0.00498
scoring_system epss
scoring_elements 0.6584
published_at 2026-04-07T12:55:00Z
3
value 0.00498
scoring_system epss
scoring_elements 0.65892
published_at 2026-04-08T12:55:00Z
4
value 0.00498
scoring_system epss
scoring_elements 0.65904
published_at 2026-04-09T12:55:00Z
5
value 0.00498
scoring_system epss
scoring_elements 0.65922
published_at 2026-04-11T12:55:00Z
6
value 0.00498
scoring_system epss
scoring_elements 0.65909
published_at 2026-04-12T12:55:00Z
7
value 0.00498
scoring_system epss
scoring_elements 0.65879
published_at 2026-04-13T12:55:00Z
8
value 0.00498
scoring_system epss
scoring_elements 0.65914
published_at 2026-04-16T12:55:00Z
9
value 0.00498
scoring_system epss
scoring_elements 0.65929
published_at 2026-04-18T12:55:00Z
10
value 0.00498
scoring_system epss
scoring_elements 0.65918
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-47272
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47272
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47272
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055421
reference_id 1055421
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055421
3
reference_url https://usn.ubuntu.com/6848-1/
reference_id USN-6848-1
reference_type
scores
url https://usn.ubuntu.com/6848-1/
fixed_packages
0
url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hap-9mqs-v3b8
1
vulnerability VCID-2nb2-9vgp-tqg9
2
vulnerability VCID-3kyu-tx4q-p3aq
3
vulnerability VCID-4yzj-hrqv-vbcp
4
vulnerability VCID-5yts-xnha-4bf3
5
vulnerability VCID-8vmm-1hvf-17ap
6
vulnerability VCID-8xf2-hjfv-hybh
7
vulnerability VCID-9uv1-gqq7-3kc9
8
vulnerability VCID-ck88-1urs-2kes
9
vulnerability VCID-ddfq-28qm-2fbn
10
vulnerability VCID-gh6k-19h8-fqbf
11
vulnerability VCID-rdb5-bbvn-7fcq
12
vulnerability VCID-ub6x-9dku-c7fk
13
vulnerability VCID-vtz8-zmp4-xbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4
aliases CVE-2023-47272
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ncbg-6m11-3qan
15
url VCID-qwak-6wgy-wfgs
vulnerability_id VCID-qwak-6wgy-wfgs
summary security update
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-37384
reference_id
reference_type
scores
0
value 0.00437
scoring_system epss
scoring_elements 0.63008
published_at 2026-04-07T12:55:00Z
1
value 0.00437
scoring_system epss
scoring_elements 0.63099
published_at 2026-04-18T12:55:00Z
2
value 0.00437
scoring_system epss
scoring_elements 0.63091
published_at 2026-04-16T12:55:00Z
3
value 0.00437
scoring_system epss
scoring_elements 0.63056
published_at 2026-04-13T12:55:00Z
4
value 0.00437
scoring_system epss
scoring_elements 0.63078
published_at 2026-04-12T12:55:00Z
5
value 0.00437
scoring_system epss
scoring_elements 0.63092
published_at 2026-04-11T12:55:00Z
6
value 0.00437
scoring_system epss
scoring_elements 0.63074
published_at 2026-04-09T12:55:00Z
7
value 0.00437
scoring_system epss
scoring_elements 0.63058
published_at 2026-04-08T12:55:00Z
8
value 0.00437
scoring_system epss
scoring_elements 0.63014
published_at 2026-04-02T12:55:00Z
9
value 0.00437
scoring_system epss
scoring_elements 0.63043
published_at 2026-04-04T12:55:00Z
10
value 0.00525
scoring_system epss
scoring_elements 0.67022
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-37384
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37383
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37384
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37384
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071474
reference_id 1071474
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071474
4
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.5.7
reference_id 1.5.7
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:48:19Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.5.7
5
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.6.7
reference_id 1.6.7
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:48:19Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.6.7
6
reference_url https://github.com/roundcube/roundcubemail/commit/cde4522c5c95f13c6aeeb1600ab17e5067a536f7
reference_id cde4522c5c95f13c6aeeb1600ab17e5067a536f7
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:48:19Z/
url https://github.com/roundcube/roundcubemail/commit/cde4522c5c95f13c6aeeb1600ab17e5067a536f7
7
reference_url https://lists.debian.org/debian-lts-announce/2024/06/msg00008.html
reference_id msg00008.html
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:48:19Z/
url https://lists.debian.org/debian-lts-announce/2024/06/msg00008.html
8
reference_url https://usn.ubuntu.com/6848-1/
reference_id USN-6848-1
reference_type
scores
url https://usn.ubuntu.com/6848-1/
fixed_packages
0
url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hap-9mqs-v3b8
1
vulnerability VCID-2nb2-9vgp-tqg9
2
vulnerability VCID-3kyu-tx4q-p3aq
3
vulnerability VCID-4yzj-hrqv-vbcp
4
vulnerability VCID-5yts-xnha-4bf3
5
vulnerability VCID-8vmm-1hvf-17ap
6
vulnerability VCID-8xf2-hjfv-hybh
7
vulnerability VCID-9uv1-gqq7-3kc9
8
vulnerability VCID-ck88-1urs-2kes
9
vulnerability VCID-ddfq-28qm-2fbn
10
vulnerability VCID-gh6k-19h8-fqbf
11
vulnerability VCID-rdb5-bbvn-7fcq
12
vulnerability VCID-ub6x-9dku-c7fk
13
vulnerability VCID-vtz8-zmp4-xbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4
aliases CVE-2024-37384
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qwak-6wgy-wfgs
16
url VCID-rc91-j3kf-zfch
vulnerability_id VCID-rc91-j3kf-zfch
summary security update
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-15562
reference_id
reference_type
scores
0
value 0.00861
scoring_system epss
scoring_elements 0.75004
published_at 2026-04-01T12:55:00Z
1
value 0.00861
scoring_system epss
scoring_elements 0.75007
published_at 2026-04-02T12:55:00Z
2
value 0.00861
scoring_system epss
scoring_elements 0.75036
published_at 2026-04-04T12:55:00Z
3
value 0.00861
scoring_system epss
scoring_elements 0.75012
published_at 2026-04-07T12:55:00Z
4
value 0.00861
scoring_system epss
scoring_elements 0.75046
published_at 2026-04-08T12:55:00Z
5
value 0.00861
scoring_system epss
scoring_elements 0.75058
published_at 2026-04-09T12:55:00Z
6
value 0.00861
scoring_system epss
scoring_elements 0.7508
published_at 2026-04-11T12:55:00Z
7
value 0.00861
scoring_system epss
scoring_elements 0.75059
published_at 2026-04-12T12:55:00Z
8
value 0.00861
scoring_system epss
scoring_elements 0.75048
published_at 2026-04-13T12:55:00Z
9
value 0.00861
scoring_system epss
scoring_elements 0.75086
published_at 2026-04-16T12:55:00Z
10
value 0.00861
scoring_system epss
scoring_elements 0.75093
published_at 2026-04-18T12:55:00Z
11
value 0.00861
scoring_system epss
scoring_elements 0.75083
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-15562
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15562
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15562
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964355
reference_id 964355
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964355
3
reference_url https://usn.ubuntu.com/USN-5182-1/
reference_id USN-USN-5182-1
reference_type
scores
url https://usn.ubuntu.com/USN-5182-1/
fixed_packages
0
url pkg:deb/debian/roundcube@1.3.17%2Bdfsg.1-1~deb10u2
purl pkg:deb/debian/roundcube@1.3.17%2Bdfsg.1-1~deb10u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14vp-t71a-4bh1
1
vulnerability VCID-2eyy-k49d-m3af
2
vulnerability VCID-2hap-9mqs-v3b8
3
vulnerability VCID-2k4q-26tk-j3gx
4
vulnerability VCID-2nb2-9vgp-tqg9
5
vulnerability VCID-36et-26h7-pke7
6
vulnerability VCID-3kyu-tx4q-p3aq
7
vulnerability VCID-4yzj-hrqv-vbcp
8
vulnerability VCID-5yts-xnha-4bf3
9
vulnerability VCID-79me-pjdn-ykgq
10
vulnerability VCID-7nn6-aywu-z7g8
11
vulnerability VCID-8vmm-1hvf-17ap
12
vulnerability VCID-8xf2-hjfv-hybh
13
vulnerability VCID-9der-5csu-nbbq
14
vulnerability VCID-9uv1-gqq7-3kc9
15
vulnerability VCID-cjkd-2jr6-n7as
16
vulnerability VCID-ck88-1urs-2kes
17
vulnerability VCID-cnkc-vcp7-6kcw
18
vulnerability VCID-ddfq-28qm-2fbn
19
vulnerability VCID-gh6k-19h8-fqbf
20
vulnerability VCID-hg1a-vx5c-hue3
21
vulnerability VCID-jck5-xymf-s3bh
22
vulnerability VCID-jqs5-8ct7-wfgk
23
vulnerability VCID-kyxz-v3sj-w3cw
24
vulnerability VCID-m4yc-ms54-zyhv
25
vulnerability VCID-ncbg-6m11-3qan
26
vulnerability VCID-qwak-6wgy-wfgs
27
vulnerability VCID-rc91-j3kf-zfch
28
vulnerability VCID-s6p1-rf35-euhy
29
vulnerability VCID-u8a4-4pe2-9kcb
30
vulnerability VCID-ub6x-9dku-c7fk
31
vulnerability VCID-vehj-ytsm-kqgz
32
vulnerability VCID-vtz8-zmp4-xbdh
33
vulnerability VCID-x9j7-98zt-6ygt
34
vulnerability VCID-xssa-fwbx-kybq
35
vulnerability VCID-ybv7-hqmj-nbgr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.3.17%252Bdfsg.1-1~deb10u2
1
url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hap-9mqs-v3b8
1
vulnerability VCID-2nb2-9vgp-tqg9
2
vulnerability VCID-3kyu-tx4q-p3aq
3
vulnerability VCID-4yzj-hrqv-vbcp
4
vulnerability VCID-5yts-xnha-4bf3
5
vulnerability VCID-8vmm-1hvf-17ap
6
vulnerability VCID-8xf2-hjfv-hybh
7
vulnerability VCID-9uv1-gqq7-3kc9
8
vulnerability VCID-ck88-1urs-2kes
9
vulnerability VCID-ddfq-28qm-2fbn
10
vulnerability VCID-gh6k-19h8-fqbf
11
vulnerability VCID-rdb5-bbvn-7fcq
12
vulnerability VCID-ub6x-9dku-c7fk
13
vulnerability VCID-vtz8-zmp4-xbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4
aliases CVE-2020-15562
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rc91-j3kf-zfch
17
url VCID-s6p1-rf35-euhy
vulnerability_id VCID-s6p1-rf35-euhy
summary Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of program/lib/Roundcube/rcube_string_replacer.php behavior.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-43770
reference_id
reference_type
scores
0
value 0.80389
scoring_system epss
scoring_elements 0.99124
published_at 2026-04-13T12:55:00Z
1
value 0.80389
scoring_system epss
scoring_elements 0.99129
published_at 2026-04-21T12:55:00Z
2
value 0.80389
scoring_system epss
scoring_elements 0.99127
published_at 2026-04-18T12:55:00Z
3
value 0.80389
scoring_system epss
scoring_elements 0.99126
published_at 2026-04-16T12:55:00Z
4
value 0.80389
scoring_system epss
scoring_elements 0.99125
published_at 2026-04-12T12:55:00Z
5
value 0.80653
scoring_system epss
scoring_elements 0.99134
published_at 2026-04-04T12:55:00Z
6
value 0.80653
scoring_system epss
scoring_elements 0.99131
published_at 2026-04-02T12:55:00Z
7
value 0.80653
scoring_system epss
scoring_elements 0.99137
published_at 2026-04-07T12:55:00Z
8
value 0.80653
scoring_system epss
scoring_elements 0.99139
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-43770
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43770
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43770
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052059
reference_id 1052059
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052059
3
reference_url https://github.com/roundcube/roundcubemail/commit/e92ec206a886461245e1672d8530cc93c618a49b
reference_id e92ec206a886461245e1672d8530cc93c618a49b
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T18:43:07Z/
url https://github.com/roundcube/roundcubemail/commit/e92ec206a886461245e1672d8530cc93c618a49b
4
reference_url https://lists.debian.org/debian-lts-announce/2023/09/msg00024.html
reference_id msg00024.html
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T18:43:07Z/
url https://lists.debian.org/debian-lts-announce/2023/09/msg00024.html
5
reference_url https://roundcube.net/news/2023/09/15/security-update-1.6.3-released
reference_id security-update-1.6.3-released
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T18:43:07Z/
url https://roundcube.net/news/2023/09/15/security-update-1.6.3-released
6
reference_url https://usn.ubuntu.com/6654-1/
reference_id USN-6654-1
reference_type
scores
url https://usn.ubuntu.com/6654-1/
fixed_packages
0
url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hap-9mqs-v3b8
1
vulnerability VCID-2nb2-9vgp-tqg9
2
vulnerability VCID-3kyu-tx4q-p3aq
3
vulnerability VCID-4yzj-hrqv-vbcp
4
vulnerability VCID-5yts-xnha-4bf3
5
vulnerability VCID-8vmm-1hvf-17ap
6
vulnerability VCID-8xf2-hjfv-hybh
7
vulnerability VCID-9uv1-gqq7-3kc9
8
vulnerability VCID-ck88-1urs-2kes
9
vulnerability VCID-ddfq-28qm-2fbn
10
vulnerability VCID-gh6k-19h8-fqbf
11
vulnerability VCID-rdb5-bbvn-7fcq
12
vulnerability VCID-ub6x-9dku-c7fk
13
vulnerability VCID-vtz8-zmp4-xbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4
aliases CVE-2023-43770
risk_score 10.0
exploitability 2.0
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s6p1-rf35-euhy
18
url VCID-u8a4-4pe2-9kcb
vulnerability_id VCID-u8a4-4pe2-9kcb
summary security update
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-35730
reference_id
reference_type
scores
0
value 0.64813
scoring_system epss
scoring_elements 0.98451
published_at 2026-04-01T12:55:00Z
1
value 0.64813
scoring_system epss
scoring_elements 0.98453
published_at 2026-04-02T12:55:00Z
2
value 0.64813
scoring_system epss
scoring_elements 0.98456
published_at 2026-04-04T12:55:00Z
3
value 0.64813
scoring_system epss
scoring_elements 0.98458
published_at 2026-04-07T12:55:00Z
4
value 0.64813
scoring_system epss
scoring_elements 0.98461
published_at 2026-04-08T12:55:00Z
5
value 0.64813
scoring_system epss
scoring_elements 0.98462
published_at 2026-04-09T12:55:00Z
6
value 0.64813
scoring_system epss
scoring_elements 0.98465
published_at 2026-04-13T12:55:00Z
7
value 0.64813
scoring_system epss
scoring_elements 0.9847
published_at 2026-04-18T12:55:00Z
8
value 0.64813
scoring_system epss
scoring_elements 0.98472
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-35730
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35730
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35730
2
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.2.13
reference_id 1.2.13
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T20:21:48Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.2.13
3
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.3.16
reference_id 1.3.16
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T20:21:48Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.3.16
4
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.4.10
reference_id 1.4.10
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T20:21:48Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.4.10
5
reference_url https://github.com/roundcube/roundcubemail/compare/1.4.9...1.4.10
reference_id 1.4.9...1.4.10
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T20:21:48Z/
url https://github.com/roundcube/roundcubemail/compare/1.4.9...1.4.10
6
reference_url https://security.archlinux.org/ASA-202101-2
reference_id ASA-202101-2
reference_type
scores
url https://security.archlinux.org/ASA-202101-2
7
reference_url https://security.archlinux.org/AVG-1388
reference_id AVG-1388
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1388
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978491
reference_id bugreport.cgi?bug=978491
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T20:21:48Z/
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978491
9
reference_url https://roundcube.net/download/
reference_id download
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T20:21:48Z/
url https://roundcube.net/download/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCEU4BM5WGIDJWP6Z4PCH62ZMH57QYM2/
reference_id HCEU4BM5WGIDJWP6Z4PCH62ZMH57QYM2
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T20:21:48Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCEU4BM5WGIDJWP6Z4PCH62ZMH57QYM2/
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HMLIZWKMTRCLU7KZLEQHELS4INXJ7X5Q/
reference_id HMLIZWKMTRCLU7KZLEQHELS4INXJ7X5Q
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T20:21:48Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HMLIZWKMTRCLU7KZLEQHELS4INXJ7X5Q/
12
reference_url https://www.alexbirnberg.com/roundcube-xss.html
reference_id roundcube-xss.html
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T20:21:48Z/
url https://www.alexbirnberg.com/roundcube-xss.html
13
reference_url https://usn.ubuntu.com/USN-5182-1/
reference_id USN-USN-5182-1
reference_type
scores
url https://usn.ubuntu.com/USN-5182-1/
fixed_packages
0
url pkg:deb/debian/roundcube@1.3.17%2Bdfsg.1-1~deb10u2
purl pkg:deb/debian/roundcube@1.3.17%2Bdfsg.1-1~deb10u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14vp-t71a-4bh1
1
vulnerability VCID-2eyy-k49d-m3af
2
vulnerability VCID-2hap-9mqs-v3b8
3
vulnerability VCID-2k4q-26tk-j3gx
4
vulnerability VCID-2nb2-9vgp-tqg9
5
vulnerability VCID-36et-26h7-pke7
6
vulnerability VCID-3kyu-tx4q-p3aq
7
vulnerability VCID-4yzj-hrqv-vbcp
8
vulnerability VCID-5yts-xnha-4bf3
9
vulnerability VCID-79me-pjdn-ykgq
10
vulnerability VCID-7nn6-aywu-z7g8
11
vulnerability VCID-8vmm-1hvf-17ap
12
vulnerability VCID-8xf2-hjfv-hybh
13
vulnerability VCID-9der-5csu-nbbq
14
vulnerability VCID-9uv1-gqq7-3kc9
15
vulnerability VCID-cjkd-2jr6-n7as
16
vulnerability VCID-ck88-1urs-2kes
17
vulnerability VCID-cnkc-vcp7-6kcw
18
vulnerability VCID-ddfq-28qm-2fbn
19
vulnerability VCID-gh6k-19h8-fqbf
20
vulnerability VCID-hg1a-vx5c-hue3
21
vulnerability VCID-jck5-xymf-s3bh
22
vulnerability VCID-jqs5-8ct7-wfgk
23
vulnerability VCID-kyxz-v3sj-w3cw
24
vulnerability VCID-m4yc-ms54-zyhv
25
vulnerability VCID-ncbg-6m11-3qan
26
vulnerability VCID-qwak-6wgy-wfgs
27
vulnerability VCID-rc91-j3kf-zfch
28
vulnerability VCID-s6p1-rf35-euhy
29
vulnerability VCID-u8a4-4pe2-9kcb
30
vulnerability VCID-ub6x-9dku-c7fk
31
vulnerability VCID-vehj-ytsm-kqgz
32
vulnerability VCID-vtz8-zmp4-xbdh
33
vulnerability VCID-x9j7-98zt-6ygt
34
vulnerability VCID-xssa-fwbx-kybq
35
vulnerability VCID-ybv7-hqmj-nbgr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.3.17%252Bdfsg.1-1~deb10u2
1
url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hap-9mqs-v3b8
1
vulnerability VCID-2nb2-9vgp-tqg9
2
vulnerability VCID-3kyu-tx4q-p3aq
3
vulnerability VCID-4yzj-hrqv-vbcp
4
vulnerability VCID-5yts-xnha-4bf3
5
vulnerability VCID-8vmm-1hvf-17ap
6
vulnerability VCID-8xf2-hjfv-hybh
7
vulnerability VCID-9uv1-gqq7-3kc9
8
vulnerability VCID-ck88-1urs-2kes
9
vulnerability VCID-ddfq-28qm-2fbn
10
vulnerability VCID-gh6k-19h8-fqbf
11
vulnerability VCID-rdb5-bbvn-7fcq
12
vulnerability VCID-ub6x-9dku-c7fk
13
vulnerability VCID-vtz8-zmp4-xbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4
aliases CVE-2020-35730
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u8a4-4pe2-9kcb
19
url VCID-vehj-ytsm-kqgz
vulnerability_id VCID-vehj-ytsm-kqgz
summary security update
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5631
reference_id
reference_type
scores
0
value 0.83338
scoring_system epss
scoring_elements 0.99269
published_at 2026-04-04T12:55:00Z
1
value 0.83338
scoring_system epss
scoring_elements 0.99266
published_at 2026-04-02T12:55:00Z
2
value 0.83433
scoring_system epss
scoring_elements 0.9928
published_at 2026-04-12T12:55:00Z
3
value 0.83433
scoring_system epss
scoring_elements 0.99281
published_at 2026-04-18T12:55:00Z
4
value 0.83433
scoring_system epss
scoring_elements 0.99278
published_at 2026-04-09T12:55:00Z
5
value 0.83433
scoring_system epss
scoring_elements 0.99277
published_at 2026-04-08T12:55:00Z
6
value 0.83433
scoring_system epss
scoring_elements 0.99279
published_at 2026-04-13T12:55:00Z
7
value 0.85084
scoring_system epss
scoring_elements 0.99356
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5631
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5631
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5631
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url http://www.openwall.com/lists/oss-security/2023/11/01/1
reference_id 1
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:39:21Z/
url http://www.openwall.com/lists/oss-security/2023/11/01/1
4
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.4.15
reference_id 1.4.15
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:39:21Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.4.15
5
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.5.5
reference_id 1.5.5
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:39:21Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.5.5
6
reference_url https://github.com/roundcube/roundcubemail/releases/tag/1.6.4
reference_id 1.6.4
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:39:21Z/
url https://github.com/roundcube/roundcubemail/releases/tag/1.6.4
7
reference_url http://www.openwall.com/lists/oss-security/2023/11/17/2
reference_id 2
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:39:21Z/
url http://www.openwall.com/lists/oss-security/2023/11/17/2
8
reference_url http://www.openwall.com/lists/oss-security/2023/11/01/3
reference_id 3
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:39:21Z/
url http://www.openwall.com/lists/oss-security/2023/11/01/3
9
reference_url https://github.com/roundcube/roundcubemail/commit/41756cc3331b495cc0b71886984474dc529dd31d
reference_id 41756cc3331b495cc0b71886984474dc529dd31d
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:39:21Z/
url https://github.com/roundcube/roundcubemail/commit/41756cc3331b495cc0b71886984474dc529dd31d
10
reference_url https://github.com/roundcube/roundcubemail/commit/6ee6e7ae301e165e2b2cb703edf75552e5376613
reference_id 6ee6e7ae301e165e2b2cb703edf75552e5376613
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:39:21Z/
url https://github.com/roundcube/roundcubemail/commit/6ee6e7ae301e165e2b2cb703edf75552e5376613
11
reference_url https://github.com/roundcube/roundcubemail/issues/9168
reference_id 9168
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:39:21Z/
url https://github.com/roundcube/roundcubemail/issues/9168
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054079
reference_id bugreport.cgi?bug=1054079
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:39:21Z/
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054079
13
reference_url https://www.debian.org/security/2023/dsa-5531
reference_id dsa-5531
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:39:21Z/
url https://www.debian.org/security/2023/dsa-5531
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LK67Q46OIEGJCRQUBHKLH3IIJTBNGGX4/
reference_id LK67Q46OIEGJCRQUBHKLH3IIJTBNGGX4
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:39:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LK67Q46OIEGJCRQUBHKLH3IIJTBNGGX4/
15
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00035.html
reference_id msg00035.html
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:39:21Z/
url https://lists.debian.org/debian-lts-announce/2023/10/msg00035.html
16
reference_url https://roundcube.net/news/2023/10/16/security-update-1.6.4-released
reference_id security-update-1.6.4-released
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:39:21Z/
url https://roundcube.net/news/2023/10/16/security-update-1.6.4-released
17
reference_url https://roundcube.net/news/2023/10/16/security-updates-1.5.5-and-1.4.15
reference_id security-updates-1.5.5-and-1.4.15
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:39:21Z/
url https://roundcube.net/news/2023/10/16/security-updates-1.5.5-and-1.4.15
18
reference_url https://usn.ubuntu.com/6848-1/
reference_id USN-6848-1
reference_type
scores
url https://usn.ubuntu.com/6848-1/
fixed_packages
0
url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hap-9mqs-v3b8
1
vulnerability VCID-2nb2-9vgp-tqg9
2
vulnerability VCID-3kyu-tx4q-p3aq
3
vulnerability VCID-4yzj-hrqv-vbcp
4
vulnerability VCID-5yts-xnha-4bf3
5
vulnerability VCID-8vmm-1hvf-17ap
6
vulnerability VCID-8xf2-hjfv-hybh
7
vulnerability VCID-9uv1-gqq7-3kc9
8
vulnerability VCID-ck88-1urs-2kes
9
vulnerability VCID-ddfq-28qm-2fbn
10
vulnerability VCID-gh6k-19h8-fqbf
11
vulnerability VCID-rdb5-bbvn-7fcq
12
vulnerability VCID-ub6x-9dku-c7fk
13
vulnerability VCID-vtz8-zmp4-xbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4
aliases CVE-2023-5631
risk_score 10.0
exploitability 2.0
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vehj-ytsm-kqgz
20
url VCID-x9j7-98zt-6ygt
vulnerability_id VCID-x9j7-98zt-6ygt
summary 
A flaw in Roundcube's handling of configuration files may allow
    arbitrary code execution, amongst other vulnerabilities.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12625
reference_id
reference_type
scores
0
value 0.0231
scoring_system epss
scoring_elements 0.84692
published_at 2026-04-01T12:55:00Z
1
value 0.0231
scoring_system epss
scoring_elements 0.84707
published_at 2026-04-02T12:55:00Z
2
value 0.0231
scoring_system epss
scoring_elements 0.84727
published_at 2026-04-04T12:55:00Z
3
value 0.0231
scoring_system epss
scoring_elements 0.84729
published_at 2026-04-07T12:55:00Z
4
value 0.0231
scoring_system epss
scoring_elements 0.84751
published_at 2026-04-08T12:55:00Z
5
value 0.0231
scoring_system epss
scoring_elements 0.84758
published_at 2026-04-09T12:55:00Z
6
value 0.0231
scoring_system epss
scoring_elements 0.84775
published_at 2026-04-11T12:55:00Z
7
value 0.0231
scoring_system epss
scoring_elements 0.84771
published_at 2026-04-12T12:55:00Z
8
value 0.0231
scoring_system epss
scoring_elements 0.84766
published_at 2026-04-13T12:55:00Z
9
value 0.0231
scoring_system epss
scoring_elements 0.84787
published_at 2026-04-16T12:55:00Z
10
value 0.0231
scoring_system epss
scoring_elements 0.84788
published_at 2026-04-18T12:55:00Z
11
value 0.0231
scoring_system epss
scoring_elements 0.84786
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12625
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12625
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12625
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12626
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12626
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959140
reference_id 959140
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959140
4
reference_url https://security.gentoo.org/glsa/202007-41
reference_id GLSA-202007-41
reference_type
scores
url https://security.gentoo.org/glsa/202007-41
5
reference_url https://usn.ubuntu.com/USN-5182-1/
reference_id USN-USN-5182-1
reference_type
scores
url https://usn.ubuntu.com/USN-5182-1/
fixed_packages
0
url pkg:deb/debian/roundcube@1.2.3%2Bdfsg.1-4%2Bdeb9u6
purl pkg:deb/debian/roundcube@1.2.3%2Bdfsg.1-4%2Bdeb9u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14vp-t71a-4bh1
1
vulnerability VCID-2eyy-k49d-m3af
2
vulnerability VCID-2hap-9mqs-v3b8
3
vulnerability VCID-2k4q-26tk-j3gx
4
vulnerability VCID-2nb2-9vgp-tqg9
5
vulnerability VCID-36et-26h7-pke7
6
vulnerability VCID-3kyu-tx4q-p3aq
7
vulnerability VCID-4yzj-hrqv-vbcp
8
vulnerability VCID-5yts-xnha-4bf3
9
vulnerability VCID-79me-pjdn-ykgq
10
vulnerability VCID-7nn6-aywu-z7g8
11
vulnerability VCID-8vmm-1hvf-17ap
12
vulnerability VCID-8xf2-hjfv-hybh
13
vulnerability VCID-9der-5csu-nbbq
14
vulnerability VCID-9ktu-55q4-3kau
15
vulnerability VCID-9uv1-gqq7-3kc9
16
vulnerability VCID-cjkd-2jr6-n7as
17
vulnerability VCID-ck88-1urs-2kes
18
vulnerability VCID-cnkc-vcp7-6kcw
19
vulnerability VCID-ddfq-28qm-2fbn
20
vulnerability VCID-fuh5-bwaq-yyfk
21
vulnerability VCID-gh6k-19h8-fqbf
22
vulnerability VCID-hg1a-vx5c-hue3
23
vulnerability VCID-j29t-cw2h-mfd8
24
vulnerability VCID-jck5-xymf-s3bh
25
vulnerability VCID-jqs5-8ct7-wfgk
26
vulnerability VCID-kyxz-v3sj-w3cw
27
vulnerability VCID-m4yc-ms54-zyhv
28
vulnerability VCID-ncbg-6m11-3qan
29
vulnerability VCID-qwak-6wgy-wfgs
30
vulnerability VCID-rc91-j3kf-zfch
31
vulnerability VCID-s6p1-rf35-euhy
32
vulnerability VCID-ts1p-pw9v-cbh3
33
vulnerability VCID-u8a4-4pe2-9kcb
34
vulnerability VCID-ub6x-9dku-c7fk
35
vulnerability VCID-ur1a-7tdn-h3hu
36
vulnerability VCID-vehj-ytsm-kqgz
37
vulnerability VCID-vtz8-zmp4-xbdh
38
vulnerability VCID-x9j7-98zt-6ygt
39
vulnerability VCID-xssa-fwbx-kybq
40
vulnerability VCID-ybv7-hqmj-nbgr
41
vulnerability VCID-z3kp-p8ch-myhz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.2.3%252Bdfsg.1-4%252Bdeb9u6
1
url pkg:deb/debian/roundcube@1.3.17%2Bdfsg.1-1~deb10u2
purl pkg:deb/debian/roundcube@1.3.17%2Bdfsg.1-1~deb10u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14vp-t71a-4bh1
1
vulnerability VCID-2eyy-k49d-m3af
2
vulnerability VCID-2hap-9mqs-v3b8
3
vulnerability VCID-2k4q-26tk-j3gx
4
vulnerability VCID-2nb2-9vgp-tqg9
5
vulnerability VCID-36et-26h7-pke7
6
vulnerability VCID-3kyu-tx4q-p3aq
7
vulnerability VCID-4yzj-hrqv-vbcp
8
vulnerability VCID-5yts-xnha-4bf3
9
vulnerability VCID-79me-pjdn-ykgq
10
vulnerability VCID-7nn6-aywu-z7g8
11
vulnerability VCID-8vmm-1hvf-17ap
12
vulnerability VCID-8xf2-hjfv-hybh
13
vulnerability VCID-9der-5csu-nbbq
14
vulnerability VCID-9uv1-gqq7-3kc9
15
vulnerability VCID-cjkd-2jr6-n7as
16
vulnerability VCID-ck88-1urs-2kes
17
vulnerability VCID-cnkc-vcp7-6kcw
18
vulnerability VCID-ddfq-28qm-2fbn
19
vulnerability VCID-gh6k-19h8-fqbf
20
vulnerability VCID-hg1a-vx5c-hue3
21
vulnerability VCID-jck5-xymf-s3bh
22
vulnerability VCID-jqs5-8ct7-wfgk
23
vulnerability VCID-kyxz-v3sj-w3cw
24
vulnerability VCID-m4yc-ms54-zyhv
25
vulnerability VCID-ncbg-6m11-3qan
26
vulnerability VCID-qwak-6wgy-wfgs
27
vulnerability VCID-rc91-j3kf-zfch
28
vulnerability VCID-s6p1-rf35-euhy
29
vulnerability VCID-u8a4-4pe2-9kcb
30
vulnerability VCID-ub6x-9dku-c7fk
31
vulnerability VCID-vehj-ytsm-kqgz
32
vulnerability VCID-vtz8-zmp4-xbdh
33
vulnerability VCID-x9j7-98zt-6ygt
34
vulnerability VCID-xssa-fwbx-kybq
35
vulnerability VCID-ybv7-hqmj-nbgr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.3.17%252Bdfsg.1-1~deb10u2
2
url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hap-9mqs-v3b8
1
vulnerability VCID-2nb2-9vgp-tqg9
2
vulnerability VCID-3kyu-tx4q-p3aq
3
vulnerability VCID-4yzj-hrqv-vbcp
4
vulnerability VCID-5yts-xnha-4bf3
5
vulnerability VCID-8vmm-1hvf-17ap
6
vulnerability VCID-8xf2-hjfv-hybh
7
vulnerability VCID-9uv1-gqq7-3kc9
8
vulnerability VCID-ck88-1urs-2kes
9
vulnerability VCID-ddfq-28qm-2fbn
10
vulnerability VCID-gh6k-19h8-fqbf
11
vulnerability VCID-rdb5-bbvn-7fcq
12
vulnerability VCID-ub6x-9dku-c7fk
13
vulnerability VCID-vtz8-zmp4-xbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4
aliases CVE-2020-12625
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x9j7-98zt-6ygt
21
url VCID-xssa-fwbx-kybq
vulnerability_id VCID-xssa-fwbx-kybq
summary Cross Site Scripting (XSS) vulneraibility in Roundcube mail .4.4 via database host and user in /installer/test.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-18670
reference_id
reference_type
scores
0
value 0.00415
scoring_system epss
scoring_elements 0.61508
published_at 2026-04-01T12:55:00Z
1
value 0.00415
scoring_system epss
scoring_elements 0.61583
published_at 2026-04-07T12:55:00Z
2
value 0.00415
scoring_system epss
scoring_elements 0.61612
published_at 2026-04-04T12:55:00Z
3
value 0.00415
scoring_system epss
scoring_elements 0.61632
published_at 2026-04-08T12:55:00Z
4
value 0.00415
scoring_system epss
scoring_elements 0.61646
published_at 2026-04-09T12:55:00Z
5
value 0.00415
scoring_system epss
scoring_elements 0.61668
published_at 2026-04-11T12:55:00Z
6
value 0.00415
scoring_system epss
scoring_elements 0.61656
published_at 2026-04-12T12:55:00Z
7
value 0.00415
scoring_system epss
scoring_elements 0.61637
published_at 2026-04-13T12:55:00Z
8
value 0.00415
scoring_system epss
scoring_elements 0.61679
published_at 2026-04-16T12:55:00Z
9
value 0.00415
scoring_system epss
scoring_elements 0.61684
published_at 2026-04-18T12:55:00Z
10
value 0.00415
scoring_system epss
scoring_elements 0.61669
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-18670
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18670
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18670
fixed_packages
0
url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hap-9mqs-v3b8
1
vulnerability VCID-2nb2-9vgp-tqg9
2
vulnerability VCID-3kyu-tx4q-p3aq
3
vulnerability VCID-4yzj-hrqv-vbcp
4
vulnerability VCID-5yts-xnha-4bf3
5
vulnerability VCID-8vmm-1hvf-17ap
6
vulnerability VCID-8xf2-hjfv-hybh
7
vulnerability VCID-9uv1-gqq7-3kc9
8
vulnerability VCID-ck88-1urs-2kes
9
vulnerability VCID-ddfq-28qm-2fbn
10
vulnerability VCID-gh6k-19h8-fqbf
11
vulnerability VCID-rdb5-bbvn-7fcq
12
vulnerability VCID-ub6x-9dku-c7fk
13
vulnerability VCID-vtz8-zmp4-xbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4
aliases CVE-2020-18670
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xssa-fwbx-kybq
22
url VCID-ybv7-hqmj-nbgr
vulnerability_id VCID-ybv7-hqmj-nbgr
summary Multiple vulnerabilities have been discovered in Roundcube, the worst of which could lead to execution of arbitrary code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44025
reference_id
reference_type
scores
0
value 0.00629
scoring_system epss
scoring_elements 0.7019
published_at 2026-04-01T12:55:00Z
1
value 0.00629
scoring_system epss
scoring_elements 0.70202
published_at 2026-04-02T12:55:00Z
2
value 0.00629
scoring_system epss
scoring_elements 0.70219
published_at 2026-04-04T12:55:00Z
3
value 0.00629
scoring_system epss
scoring_elements 0.70196
published_at 2026-04-07T12:55:00Z
4
value 0.00629
scoring_system epss
scoring_elements 0.70242
published_at 2026-04-08T12:55:00Z
5
value 0.00629
scoring_system epss
scoring_elements 0.70257
published_at 2026-04-09T12:55:00Z
6
value 0.00629
scoring_system epss
scoring_elements 0.7028
published_at 2026-04-11T12:55:00Z
7
value 0.00629
scoring_system epss
scoring_elements 0.70266
published_at 2026-04-12T12:55:00Z
8
value 0.00629
scoring_system epss
scoring_elements 0.70253
published_at 2026-04-13T12:55:00Z
9
value 0.00629
scoring_system epss
scoring_elements 0.70294
published_at 2026-04-16T12:55:00Z
10
value 0.00629
scoring_system epss
scoring_elements 0.70304
published_at 2026-04-18T12:55:00Z
11
value 0.00629
scoring_system epss
scoring_elements 0.70285
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44025
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44025
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44025
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44026
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44026
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1000156
reference_id 1000156
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1000156
4
reference_url https://security.gentoo.org/glsa/202507-10
reference_id GLSA-202507-10
reference_type
scores
url https://security.gentoo.org/glsa/202507-10
5
reference_url https://usn.ubuntu.com/USN-5182-1/
reference_id USN-USN-5182-1
reference_type
scores
url https://usn.ubuntu.com/USN-5182-1/
fixed_packages
0
url pkg:deb/debian/roundcube@1.3.17%2Bdfsg.1-1~deb10u2
purl pkg:deb/debian/roundcube@1.3.17%2Bdfsg.1-1~deb10u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14vp-t71a-4bh1
1
vulnerability VCID-2eyy-k49d-m3af
2
vulnerability VCID-2hap-9mqs-v3b8
3
vulnerability VCID-2k4q-26tk-j3gx
4
vulnerability VCID-2nb2-9vgp-tqg9
5
vulnerability VCID-36et-26h7-pke7
6
vulnerability VCID-3kyu-tx4q-p3aq
7
vulnerability VCID-4yzj-hrqv-vbcp
8
vulnerability VCID-5yts-xnha-4bf3
9
vulnerability VCID-79me-pjdn-ykgq
10
vulnerability VCID-7nn6-aywu-z7g8
11
vulnerability VCID-8vmm-1hvf-17ap
12
vulnerability VCID-8xf2-hjfv-hybh
13
vulnerability VCID-9der-5csu-nbbq
14
vulnerability VCID-9uv1-gqq7-3kc9
15
vulnerability VCID-cjkd-2jr6-n7as
16
vulnerability VCID-ck88-1urs-2kes
17
vulnerability VCID-cnkc-vcp7-6kcw
18
vulnerability VCID-ddfq-28qm-2fbn
19
vulnerability VCID-gh6k-19h8-fqbf
20
vulnerability VCID-hg1a-vx5c-hue3
21
vulnerability VCID-jck5-xymf-s3bh
22
vulnerability VCID-jqs5-8ct7-wfgk
23
vulnerability VCID-kyxz-v3sj-w3cw
24
vulnerability VCID-m4yc-ms54-zyhv
25
vulnerability VCID-ncbg-6m11-3qan
26
vulnerability VCID-qwak-6wgy-wfgs
27
vulnerability VCID-rc91-j3kf-zfch
28
vulnerability VCID-s6p1-rf35-euhy
29
vulnerability VCID-u8a4-4pe2-9kcb
30
vulnerability VCID-ub6x-9dku-c7fk
31
vulnerability VCID-vehj-ytsm-kqgz
32
vulnerability VCID-vtz8-zmp4-xbdh
33
vulnerability VCID-x9j7-98zt-6ygt
34
vulnerability VCID-xssa-fwbx-kybq
35
vulnerability VCID-ybv7-hqmj-nbgr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.3.17%252Bdfsg.1-1~deb10u2
1
url pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
purl pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hap-9mqs-v3b8
1
vulnerability VCID-2nb2-9vgp-tqg9
2
vulnerability VCID-3kyu-tx4q-p3aq
3
vulnerability VCID-4yzj-hrqv-vbcp
4
vulnerability VCID-5yts-xnha-4bf3
5
vulnerability VCID-8vmm-1hvf-17ap
6
vulnerability VCID-8xf2-hjfv-hybh
7
vulnerability VCID-9uv1-gqq7-3kc9
8
vulnerability VCID-ck88-1urs-2kes
9
vulnerability VCID-ddfq-28qm-2fbn
10
vulnerability VCID-gh6k-19h8-fqbf
11
vulnerability VCID-rdb5-bbvn-7fcq
12
vulnerability VCID-ub6x-9dku-c7fk
13
vulnerability VCID-vtz8-zmp4-xbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4
aliases CVE-2021-44025
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ybv7-hqmj-nbgr
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4