Risk Scores
CVSS v3.1
4.699999809265137
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
EPSS Score
0.09%
25.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| roundcube | webmail | 1.6.0, 0, 1.6.0 |
| Roundcube | Webmail | 0, 1.6.0, 0 |
Timeline
- Feb 9, 2026 CVE Published
- Feb 11, 2026 EPSS Score
- Feb 11, 2026 CVE Updated
- Feb 12, 2026 EPSS Score
- Feb 14, 2026 EPSS Score
- Feb 15, 2026 EPSS Score
- Feb 17, 2026 EPSS Score
- Feb 18, 2026 EPSS Score
- Feb 20, 2026 EPSS Score
- Feb 21, 2026 EPSS Score
- Feb 23, 2026 EPSS Score
- Feb 23, 2026 PoC Published
References
- https://roundcube.net/news/2026/02/08/security-updates-1.6.13-and-1.5.13 url
- https://github.com/roundcube/roundcubemail/releases/tag/1.6.13 url
- https://github.com/roundcube/roundcubemail/commit/1f4c3a5af5033747f9685a8a395dbd8228d19816 url
- https://github.com/roundcube/roundcubemail/commit/2b5625f1d2ef7e050fd1ae481b2a52dc35466447 url
- https://github.com/roundcube/roundcubemail/commit/53d75d5dfebef235a344d476b900c20c12d52b01 url
- https://github.com/roundcube/roundcubemail/releases/tag/1.5.13 url
- https://github.com/roundcube/roundcubemail/commit/bf89cbaa5897d8ad62e8057d9a3f6babb90b7954 url
- https://github.com/roundcube/roundcubemail/commit/5a3315cce587e0be58335d11ff9a5571c90494a5 url
- https://github.com/roundcube/roundcubemail/commit/c15f5dbf093a497e19a749b20e7f8fb5a9c24cde url
- https://nvd.nist.gov/vuln/detail/CVE-2026-26079 advisory