Vulnerabilities

CVE-2026-48847

by Fred · 25/05/2026

Roundcube Webmail 1.6.x before 1.6.16, and 1.7.x before 1.7.1 allows pre-authentication arbitrary file deletion via redis/memcache session poisoning bypass.

More information : https://github.com/roundcube/roundcubemail/commit/703318e6a59515b73b0d8aa2a91e346b02f56baa

Similar

Tags: Cybersecurity Alert