Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/roundcube@1.6.15%2Bdfsg-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/roundcube@1.6.15%2Bdfsg-0%2Bdeb13u1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (9)
Vulnerability Summary Aliases
VCID-2hap-9mqs-v3b8 Roundcube Webmail: Incorrect password comparison in the password plugin CVE-2026-35541
GHSA-46pv-mj2g-93gh
VCID-3rza-7fvy-guce Roundcube Webmail: Unsafe deserialization in the redis/memcache session handler CVE-2026-35537
GHSA-rxj3-rrwm-pj4r
VCID-5yts-xnha-4bf3 Roundcube Webmail: Insufficient HTML attachment sanitization in preview mode CVE-2026-35539
GHSA-x4q5-8j5g-hpjc
VCID-8vmm-1hvf-17ap Roundcube: Bypass of remote image blocking via crafted BODY background attribute CVE-2026-35542
GHSA-5hf6-crg4-fg59
VCID-8xf2-hjfv-hybh Roundcube Webmail: Insufficient CSS sanitization in HTML e-mail messages CVE-2026-35544
GHSA-xpqh-grpw-4xmg
VCID-ck88-1urs-2kes Roundcube Webmail: Bypass of remote image blocking via SVG content (with animate attributes) in an e-mail message CVE-2026-35543
GHSA-j2g6-8rvg-7mf6
VCID-ddfq-28qm-2fbn Roundcube Webmail: Remote image blocking feature can be bypassed via SVG content in an e-mail message CVE-2026-35545
GHSA-w846-74jr-76cv
VCID-gh6k-19h8-fqbf Roundcube Webmail: Unsanitized IMAP SEARCH command arguments CVE-2026-35538
GHSA-8jr8-v43g-5c57
VCID-ub6x-9dku-c7fk Roundcube Webmail: Insufficient CSS sanitization in HTML e-mail messages CVE-2026-35540
GHSA-vxg2-hhgr-37fx

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T13:23:09.078709+00:00 Debian Importer Fixing VCID-8xf2-hjfv-hybh https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:46:39.047026+00:00 Debian Importer Fixing VCID-8vmm-1hvf-17ap https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:45:13.167697+00:00 Debian Importer Fixing VCID-ck88-1urs-2kes https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:10:46.697568+00:00 Debian Importer Fixing VCID-ub6x-9dku-c7fk https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:30:42.263803+00:00 Debian Importer Fixing VCID-ddfq-28qm-2fbn https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:13:08.136453+00:00 Debian Importer Fixing VCID-5yts-xnha-4bf3 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:44:33.492345+00:00 Debian Importer Fixing VCID-gh6k-19h8-fqbf https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:41:23.460025+00:00 Debian Importer Fixing VCID-2hap-9mqs-v3b8 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:33:42.020901+00:00 Debian Importer Fixing VCID-3rza-7fvy-guce https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T09:13:49.827709+00:00 Debian Importer Fixing VCID-8xf2-hjfv-hybh https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:45:49.893274+00:00 Debian Importer Fixing VCID-8vmm-1hvf-17ap https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:44:45.781787+00:00 Debian Importer Fixing VCID-ck88-1urs-2kes https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:19:49.441585+00:00 Debian Importer Fixing VCID-ub6x-9dku-c7fk https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:50:45.952621+00:00 Debian Importer Fixing VCID-ddfq-28qm-2fbn https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:37:40.241809+00:00 Debian Importer Fixing VCID-5yts-xnha-4bf3 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:15:52.174756+00:00 Debian Importer Fixing VCID-gh6k-19h8-fqbf https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:13:52.817435+00:00 Debian Importer Fixing VCID-2hap-9mqs-v3b8 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:07:57.732261+00:00 Debian Importer Fixing VCID-3rza-7fvy-guce https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-06T03:06:30.469417+00:00 Debian Importer Fixing VCID-ddfq-28qm-2fbn https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-06T03:06:30.405102+00:00 Debian Importer Fixing VCID-8xf2-hjfv-hybh https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-06T03:06:30.335185+00:00 Debian Importer Fixing VCID-ck88-1urs-2kes https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-06T03:06:30.265740+00:00 Debian Importer Fixing VCID-8vmm-1hvf-17ap https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-06T03:06:30.195764+00:00 Debian Importer Fixing VCID-2hap-9mqs-v3b8 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-06T03:06:30.125095+00:00 Debian Importer Fixing VCID-ub6x-9dku-c7fk https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-06T03:06:30.055437+00:00 Debian Importer Fixing VCID-5yts-xnha-4bf3 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-06T03:06:29.985859+00:00 Debian Importer Fixing VCID-gh6k-19h8-fqbf https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-06T03:06:29.914879+00:00 Debian Importer Fixing VCID-3rza-7fvy-guce https://security-tracker.debian.org/tracker/data/json 38.1.0