The flaw, an XSS issue exploitable via the animate tag in an SVG document, was resolved in Webmail versions 1.6.12 and 1.5.12.

The vulnerable RoundCube releases did not properly sanitize malicious payloads that could be embedded in the animate tag, allowing attackers to execute code in the context of the victim’s browser session without user interaction.

CISA has urged federal agencies to patch both RoundCube vulnerabilities within three weeks, as mandated by Binding Operational Directive (BOD) 22-01.

All organizations are advised to review CISA’s KEV catalog and prioritize addressing the security defects it contains.

Ionut Arghire is an international correspondent for SecurityWeek.

Source: SecurityWeek