CVE-2026-35543 in Webmail
Resumen (Inglés)
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via SVG content (with animate attributes) in an e-mail message. This may lead to information disclosure or access-control bypass.
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Responsable
MITRE
Reservar
2026-04-03
Divulgación
2026-04-03
Estado
Confirmado
Voces
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidad | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 355057 | Roundcube Webmail SVG Content divulgación de información | 669 | No está definido | Arreglo oficial | CVE-2026-35543 |
Descripción
CPE
CWE
CVSS
Hazañas
Historia
Diferencia
Relacionar
Inteligencia de amenazas
API JSON
API XML
API CSV