Signal
CISA adds roundcube vulnerabilities to KEV catalog, urges updates
Evidence first: scan the strongest sources, then decide whether to go deeper.
Published 2026-02-20 20:59 UTCUpdated 2026-02-21 07:21 UTC
rss
securitycanadian_centre
Source links open
Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.
No card needed for the free brief.
Evidence trail (top sources)
top sources (2 domains)domains are deduped. counts indicate coverage, not truth.2 top sources shown
limited source diversity in top sources
Overview
CISA has added two vulnerabilities in Roundcube webmail software to its KEV catalog, urging users to update their systems to prevent exploitation. The vulnerabilities include CVE-2025-49113, which allows remote code execution.
Score total
1.01
Momentum 24h
2
Posts
2
Origins
2
Source types
1
Duplicate ratio
0%
Why it matters
- Active exploitation of these vulnerabilities poses a significant risk to users of Roundcube webmail.
- Timely updates are crucial to prevent potential breaches and maintain security integrity.
- CISA's inclusion of these vulnerabilities in the KEV catalog emphasizes their severity.
LLM analysis
Topic mix: lowPromo risk: lowSource quality: high
Recurring claims
- CISA added CVE-2025-49113 to its KEV catalog due to active exploitation.
- The Canadian Centre for Cyber Security recommends updates for affected Roundcube versions.
All evidence
All evidence
CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog
thehackernews · thehackernews.com · 2026-02-21 07:21 UTC
Roundcube security advisory (AV25-309) - Update 1
Canadian Centre for Cyber Security - Alerts · cyber.gc.ca · 2026-02-20 20:59 UTC
Show filters & breakdown
Posts loaded: 0Publishers: 2Origin domains: 2Duplicates: -
Showing 2 / 0
Top publishers (this list)
- thehackernews (1)
- Canadian Centre for Cyber Security - Alerts (1)
Top origin domains (this list)
- thehackernews.com (1)
- cyber.gc.ca (1)