Houston Chronicle

How to Set Up Roundcube on a Website

Roundcube is an open-source application for managing email through a Web interface. It runs on Web servers that support the PHP server-side scripting language. Roundcube may be a good choice for your ...
Threat Post

Critical Vulnerability Patched in Roundcube Webmail

Open source webmail provider Roundcube was patched against a vulnerability that could be trivially exploited to run code on servers or access email accounts. Open source webmail provider Roundcube has ...
Bleeping Computer

Hacker selling critical Roundcube webmail exploit as tech info disclosed

Hackers are likely starting to exploit CVE-2025-49113, a critical vulnerability in the widely used Roundcube open-source webmail application that allows remote execution. The security issue has been ...
Bleeping Computer

CISA: Roundcube email server bug now exploited in attacks

CISA warns that a Roundcube email server vulnerability patched in September is now actively exploited in cross-site scripting (XSS) attacks. The security flaw (CVE-2023-43770) is a persistent ...
WeLiveSecurity

Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers

ESET Research has been closely tracking the cyberespionage operations of Winter Vivern for more than a year and, during our routine monitoring, we found that the group began exploiting a zero-day XSS ...
heise online

Roundcube Webmail: Attacks on security vulnerabilities ongoing

The US IT security authority CISA warns of attacks on the open-source software Roundcube Webmail. It concerns a critical and a high-risk vulnerability that criminals are now apparently targeting. The ...