Signal
Critical vulnerabilities patched in MariaDB and Roundcube webmail in July 2026
Evidence first: scan the strongest sources, then decide whether to go deeper.
Published 2026-07-14 11:45 UTCUpdated 2026-07-15 03:28 UTC
rss
cvevulnerabilitiespatchincident_responsesecurity_tooling
Trend in the last 24h
Source links open
Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.
No card needed for the free brief.
Evidence trail (top sources)
top sources (3 domains)domains are deduped. counts indicate coverage, not truth.3 top sources shown
Overview
Multiple severe security vulnerabilities affecting MariaDB and Roundcube webmail were disclosed and patched in July 2026. MariaDB addressed several critical issues including remote code execution, SQL injection, and privilege escalation with a maximum CVSS score of 10.0.
Score total
1.03
Momentum 24h
3
Posts
3
Origins
3
Source types
1
Duplicate ratio
0%
Why now
- Patches were released in July 2026 addressing actively exploitable flaws.
- High severity ratings indicate urgent need for updates.
- Both MariaDB and Roundcube are widely deployed, increasing impact scope.
Why it matters
- Critical vulnerabilities with CVSS up to 10.0 allow remote code execution and data compromise.
- Roundcube XSS flaws enable zero-click attacks affecting user sessions.
- Prompt patching reduces risk of exploitation and data breaches.
LLM analysis
Topic mix: lowPromo risk: lowSource quality: high
Recurring claims
- MariaDB has multiple critical vulnerabilities including remote code execution and SQL injection.
- Roundcube webmail versions before 1.6.17 and 1.7.2 are vulnerable to stored XSS and username spoofing leading to account takeover.
How sources frame it
- Ubuntu Security Notices: neutral
- Roundcube Project: neutral
All evidence
All evidence
MariaDB: CVSS (Max): 10.0
AusCERT - Bulletins · portal.auscert.org.au · 2026-07-15 03:28 UTC
Roundcube: Security updates 1.6.17 and 1.7.2 released
NCSC-FI - Vulnerabilities · roundcube.net · 2026-07-15 02:00 UTC
USN-8536-1: MariaDB vulnerabilities
Ubuntu Security Notices · ubuntu.com · 2026-07-14 11:45 UTC
Show filters & breakdown
Posts loaded: 0Publishers: 3Origin domains: 3Duplicates: -
Showing 3 / 0
Top publishers (this list)
- AusCERT - Bulletins (1)
- NCSC-FI - Vulnerabilities (1)
- Ubuntu Security Notices (1)
Top origin domains (this list)
- portal.auscert.org.au (1)
- roundcube.net (1)
- ubuntu.com (1)