Skip to main content
See every side of every news story
Get Started
SubscribeLogin
Published loading...Updated

CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog

Summary by IT Security News - Cybersecurity, Infosecurity News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added two security flaws impacting Roundcube webmail software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities in question are listed below – CVE-2025-49113 (CVSS score: 9.9) – A deserialization of untrusted data vulnerability that allows remote code This article has been indexed from The Hacker News Read …
DisclaimerThis story is only covered by news sources that have yet to be evaluated by the independent media monitoring agencies we use to assess the quality and reliability of news outlets on our platform. Learn more here.Cross Cancel Icon

4 Articles

cybernoz.comcybernoz.com

U.S. CISA adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog - Cybernoz - Cybersecurity News

U.S. CISA adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini February 21, 2026 U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two RoundCube Webmail flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws…

Read Full Article
The Hacker NewsThe Hacker News
Reposted by
IT Security News - cybersecurity, infosecurity newsIT Security News - cybersecurity, infosecurity news

CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added two security flaws impacting Roundcube webmail software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities in question are listed below CVE-2025-49113 (CVSS score: 9.9) - A deserialization of untrusted data vulnerability that allows remote code

Read Full Article
cisa.govcisa.gov

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA Adds Two Known Exploited Vulnerabilities to Catalog ggaylor Feb 20, 2026 Release DateFebruary 20, 2026 DescriptionCISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.CVE-2025-49113 RoundCube Webmail Deserialization of Untrusted Data VulnerabilityCVE-2025-68461 RoundCube Webmail Cross-site Scripting VulnerabilityThese types of vulnerabilities are frequent att…

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • There is no tracked Bias information for the sources covering this story.

Factuality Info Icon

To view factuality data please Upgrade to Premium

Ownership

Info Icon

To view ownership data please Upgrade to Vantage

cisa.gov broke the news in on Friday, February 20, 2026.
Too Big Arrow Icon
Sources are mostly out of (0)

Similar News Topics

CISA icon

CISA

United States icon

United States

News
Feed Dots Icon
For You
Search Icon
SearchBlindspot LogoBlindspotLocal