Bleeping Computer

Over 84,000 Roundcube instances vulnerable to actively exploited flaw

Over 84,000 Roundcube webmail installations are vulnerable to CVE-2025-49113, a critical remote code execution (RCE) flaw with a public exploit. The flaw, which impacts Roundcube versions 1.1.0 ...
Bleeping Computer

Hacker selling critical Roundcube webmail exploit as tech info disclosed

Hackers are likely starting to exploit CVE-2025-49113, a critical vulnerability in the widely used Roundcube open-source webmail application that allows remote execution. The security issue has been ...
Le Monde Informatique

Faille zero day exploitée dans le webmail Roundcube

Des chercheurs en sécurité d'Eset ont découvert des attaques menées par le cybergang Winter Vivern affectant le système de messagerie web de Roundcube. Cette faille exploitée met notamment en danger ...