Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/roundcube@1.6.5%2Bdfsg-1%2Bdeb12u8?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (9)
Vulnerability Summary Aliases
VCID-2hap-9mqs-v3b8 Roundcube Webmail: Incorrect password comparison in the password plugin CVE-2026-35541
GHSA-46pv-mj2g-93gh
VCID-3rza-7fvy-guce Roundcube Webmail: Unsafe deserialization in the redis/memcache session handler CVE-2026-35537
GHSA-rxj3-rrwm-pj4r
VCID-5yts-xnha-4bf3 Roundcube Webmail: Insufficient HTML attachment sanitization in preview mode CVE-2026-35539
GHSA-x4q5-8j5g-hpjc
VCID-8vmm-1hvf-17ap Roundcube: Bypass of remote image blocking via crafted BODY background attribute CVE-2026-35542
GHSA-5hf6-crg4-fg59
VCID-8xf2-hjfv-hybh Roundcube Webmail: Insufficient CSS sanitization in HTML e-mail messages CVE-2026-35544
GHSA-xpqh-grpw-4xmg
VCID-ck88-1urs-2kes Roundcube Webmail: Bypass of remote image blocking via SVG content (with animate attributes) in an e-mail message CVE-2026-35543
GHSA-j2g6-8rvg-7mf6
VCID-ddfq-28qm-2fbn Roundcube Webmail: Remote image blocking feature can be bypassed via SVG content in an e-mail message CVE-2026-35545
GHSA-w846-74jr-76cv
VCID-gh6k-19h8-fqbf Roundcube Webmail: Unsanitized IMAP SEARCH command arguments CVE-2026-35538
GHSA-8jr8-v43g-5c57
VCID-ub6x-9dku-c7fk Roundcube Webmail: Insufficient CSS sanitization in HTML e-mail messages CVE-2026-35540
GHSA-vxg2-hhgr-37fx

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T13:23:09.057844+00:00 Debian Importer Fixing VCID-8xf2-hjfv-hybh https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:46:39.029039+00:00 Debian Importer Fixing VCID-8vmm-1hvf-17ap https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:45:13.149759+00:00 Debian Importer Fixing VCID-ck88-1urs-2kes https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:10:46.679117+00:00 Debian Importer Fixing VCID-ub6x-9dku-c7fk https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:30:42.251633+00:00 Debian Importer Fixing VCID-ddfq-28qm-2fbn https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:13:08.118410+00:00 Debian Importer Fixing VCID-5yts-xnha-4bf3 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:44:33.473640+00:00 Debian Importer Fixing VCID-gh6k-19h8-fqbf https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:41:23.439744+00:00 Debian Importer Fixing VCID-2hap-9mqs-v3b8 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:33:41.999697+00:00 Debian Importer Fixing VCID-3rza-7fvy-guce https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T09:13:49.802370+00:00 Debian Importer Fixing VCID-8xf2-hjfv-hybh https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:45:49.872658+00:00 Debian Importer Fixing VCID-8vmm-1hvf-17ap https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:44:45.762589+00:00 Debian Importer Fixing VCID-ck88-1urs-2kes https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:19:49.420157+00:00 Debian Importer Fixing VCID-ub6x-9dku-c7fk https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:50:45.940155+00:00 Debian Importer Fixing VCID-ddfq-28qm-2fbn https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:37:40.217911+00:00 Debian Importer Fixing VCID-5yts-xnha-4bf3 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:15:52.154458+00:00 Debian Importer Fixing VCID-gh6k-19h8-fqbf https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:13:52.805965+00:00 Debian Importer Fixing VCID-2hap-9mqs-v3b8 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:07:57.711104+00:00 Debian Importer Fixing VCID-3rza-7fvy-guce https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-06T03:06:30.429796+00:00 Debian Importer Fixing VCID-ddfq-28qm-2fbn https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-06T03:06:30.358118+00:00 Debian Importer Fixing VCID-8xf2-hjfv-hybh https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-06T03:06:30.288926+00:00 Debian Importer Fixing VCID-ck88-1urs-2kes https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-06T03:06:30.219166+00:00 Debian Importer Fixing VCID-8vmm-1hvf-17ap https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-06T03:06:30.149763+00:00 Debian Importer Fixing VCID-2hap-9mqs-v3b8 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-06T03:06:30.078805+00:00 Debian Importer Fixing VCID-ub6x-9dku-c7fk https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-06T03:06:30.009018+00:00 Debian Importer Fixing VCID-5yts-xnha-4bf3 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-06T03:06:29.938483+00:00 Debian Importer Fixing VCID-gh6k-19h8-fqbf https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-06T03:06:29.866226+00:00 Debian Importer Fixing VCID-3rza-7fvy-guce https://security-tracker.debian.org/tracker/data/json 38.1.0