CVE-2026-62644 in Roundcubeinformación

Resumen

por MITRE • 2026-07-14

In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, the password plugin of the Roundcube Webmail was subject to username spoofing via session data, which could lead to account takeover.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Responsable

MITRE

Reservar

2026-07-14

Divulgación

2026-07-14

Moderación

aceptado

Artículo

VDB-378373

CPE

listo

EPSS

0.00239

KEV

no

Actividades

muy bajo

Fuentes

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!