CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Roundcube: >> Webmail >> 1.6.14 Security Vulnerabilities

CVE-2026-35545

An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke.

CVSS Score

5.3

EPSS Score

0.003

Published

2026-04-03

Page 1

Vulnerabilities

Vulnerable Software

Roundcube: >> Webmail >> 1.6.14 Security Vulnerabilities

Products

Pricing

Contact Us