Bleeping Computer

Hacker selling critical Roundcube webmail exploit as tech info disclosed

Hackers are likely starting to exploit CVE-2025-49113, a critical vulnerability in the widely used Roundcube open-source webmail application that allows remote execution. The security issue has been ...
Bleeping Computer

CISA: Recently patched RoundCube flaws now exploited in attacks

CISA flagged two Roundcube Webmail vulnerabilities as actively exploited in attacks and ordered U.S. federal agencies to patch them within three weeks. Roundcube Webmail is a web-based email client ...