[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2026-26079":6},{"stargazers_count":4,"fetched_at":5},5,"2026-04-07T15:11:42.125Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":71,"aliases":72,"duplicate_of":9,"upstream":73,"downstream":74,"duplicates":85,"related":86,"reserved_at":9,"published_at":90,"modified_at":91,"state":92,"summary":93,"references_raw":102,"kevs":140,"epss":141,"epss_history":144,"metrics":313,"affected":321},"CVE-2026-26079","Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets (CSS) injection, e.g., because comments are mishandled.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-829","Inclusion of Functionality from Untrusted Control Sphere","The product imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.","weakness","Incomplete","Base",[19,23,27,31,35,39,43,47,51,55,59,63,67],{"id":20,"name":21,"techniques":22},"CAPEC-175","Code Inclusion",[],{"id":24,"name":25,"techniques":26},"CAPEC-201","Serialized Data External Linking",[],{"id":28,"name":29,"techniques":30},"CAPEC-228","DTD Injection",[],{"id":32,"name":33,"techniques":34},"CAPEC-251","Local Code Inclusion",[],{"id":36,"name":37,"techniques":38},"CAPEC-252","PHP Local File Inclusion",[],{"id":40,"name":41,"techniques":42},"CAPEC-253","Remote Code Inclusion",[],{"id":44,"name":45,"techniques":46},"CAPEC-263","Force Use of Corrupted Files",[],{"id":48,"name":49,"techniques":50},"CAPEC-538","Open-Source Library Manipulation",[],{"id":52,"name":53,"techniques":54},"CAPEC-549","Local Execution of Code",[],{"id":56,"name":57,"techniques":58},"CAPEC-640","Inclusion of Code in Existing Process",[],{"id":60,"name":61,"techniques":62},"CAPEC-660","Root/Jailbreak Detection Evasion via Hooking",[],{"id":64,"name":65,"techniques":66},"CAPEC-695","Repo Jacking",[],{"id":68,"name":69,"techniques":70},"CAPEC-698","Install Malicious Extension",[],[],[],[],[75,77,79,81,83],{"_key":76},"DSA-6137-1",{"_key":78},"DLA-4480-1",{"_key":80},"DEBIAN-CVE-2026-26079",{"_key":82},"OPENSUSE-SU-2026:20323-1",{"_key":84},"UBUNTU-CVE-2026-26079",[],[87,88],{"_key":82},{"_key":89},"MGASA-2026-0065","2026-02-11T04:27:24.156Z","2026-02-11T16:06:28.336Z","Awaiting Analysis",{"cisa_kev":94,"cisa_ransomware":94,"cisa_vendor":9,"epss_severity":95,"epss_score":96,"severity":97,"severity_score":98,"severity_version":99,"severity_source":100,"severity_vector":101,"severity_status":92},false,"low",0.00074,"medium",4.7,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N",[103,108,112,116,120,124,128,132,136],{"url":104,"sources":105,"tags":107},"https://roundcube.net/news/2026/02/08/security-updates-1.6.13-and-1.5.13",[100,106],"nvd",[],{"url":109,"sources":110,"tags":111},"https://github.com/roundcube/roundcubemail/releases/tag/1.6.13",[100,106],[],{"url":113,"sources":114,"tags":115},"https://github.com/roundcube/roundcubemail/commit/1f4c3a5af5033747f9685a8a395dbd8228d19816",[100,106],[],{"url":117,"sources":118,"tags":119},"https://github.com/roundcube/roundcubemail/commit/2b5625f1d2ef7e050fd1ae481b2a52dc35466447",[100,106],[],{"url":121,"sources":122,"tags":123},"https://github.com/roundcube/roundcubemail/commit/53d75d5dfebef235a344d476b900c20c12d52b01",[100,106],[],{"url":125,"sources":126,"tags":127},"https://github.com/roundcube/roundcubemail/releases/tag/1.5.13",[100,106],[],{"url":129,"sources":130,"tags":131},"https://github.com/roundcube/roundcubemail/commit/bf89cbaa5897d8ad62e8057d9a3f6babb90b7954",[100,106],[],{"url":133,"sources":134,"tags":135},"https://github.com/roundcube/roundcubemail/commit/5a3315cce587e0be58335d11ff9a5571c90494a5",[100,106],[],{"url":137,"sources":138,"tags":139},"https://github.com/roundcube/roundcubemail/commit/c15f5dbf093a497e19a749b20e7f8fb5a9c24cde",[100,106],[],[],{"date":142,"score":96,"percentile":143},"2026-04-07",0.22307,[145,149,152,155,158,161,164,168,172,175,178,181,184,187,190,193,196,199,202,205,208,211,214,216,219,222,225,228,231,234,237,240,242,246,249,252,255,258,261,264,267,270,273,276,279,282,285,288,291,294,297,300,303,306,309,312],{"date":146,"score":147,"percentile":148},"2026-02-11",0.00043,0.13019,{"date":150,"score":147,"percentile":151},"2026-02-12",0.13036,{"date":153,"score":147,"percentile":154},"2026-02-13",0.13034,{"date":156,"score":147,"percentile":157},"2026-02-14",0.13012,{"date":159,"score":147,"percentile":160},"2026-02-15",0.12997,{"date":162,"score":147,"percentile":163},"2026-02-16",0.12972,{"date":165,"score":166,"percentile":167},"2026-02-17",0.00047,0.14191,{"date":169,"score":170,"percentile":171},"2026-02-18",0.00081,0.23836,{"date":173,"score":170,"percentile":174},"2026-02-19",0.23881,{"date":176,"score":170,"percentile":177},"2026-02-20",0.23904,{"date":179,"score":170,"percentile":180},"2026-02-21",0.23948,{"date":182,"score":170,"percentile":183},"2026-02-22",0.23922,{"date":185,"score":170,"percentile":186},"2026-02-23",0.23899,{"date":188,"score":170,"percentile":189},"2026-02-24",0.2386,{"date":191,"score":170,"percentile":192},"2026-02-25",0.23853,{"date":194,"score":170,"percentile":195},"2026-02-26",0.23873,{"date":197,"score":170,"percentile":198},"2026-02-27",0.23886,{"date":200,"score":170,"percentile":201},"2026-02-28",0.23879,{"date":203,"score":170,"percentile":204},"2026-03-01",0.23928,{"date":206,"score":170,"percentile":207},"2026-03-02",0.23917,{"date":209,"score":170,"percentile":210},"2026-03-03",0.23891,{"date":212,"score":170,"percentile":213},"2026-03-04",0.23776,{"date":215,"score":170,"percentile":192},"2026-03-05",{"date":217,"score":170,"percentile":218},"2026-03-06",0.23855,{"date":220,"score":170,"percentile":221},"2026-03-07",0.23849,{"date":223,"score":170,"percentile":224},"2026-03-08",0.23827,{"date":226,"score":170,"percentile":227},"2026-03-09",0.23794,{"date":229,"score":170,"percentile":230},"2026-03-10",0.23766,{"date":232,"score":170,"percentile":233},"2026-03-11",0.23743,{"date":235,"score":170,"percentile":236},"2026-03-12",0.23789,{"date":238,"score":170,"percentile":239},"2026-03-13",0.2383,{"date":241,"score":170,"percentile":171},"2026-03-14",{"date":243,"score":244,"percentile":245},"2026-03-15",0.00089,0.25167,{"date":247,"score":244,"percentile":248},"2026-03-16",0.25171,{"date":250,"score":244,"percentile":251},"2026-03-17",0.2514,{"date":253,"score":244,"percentile":254},"2026-03-18",0.25134,{"date":256,"score":244,"percentile":257},"2026-03-19",0.2513,{"date":259,"score":244,"percentile":260},"2026-03-20",0.25185,{"date":262,"score":244,"percentile":263},"2026-03-21",0.25265,{"date":265,"score":244,"percentile":266},"2026-03-22",0.25246,{"date":268,"score":244,"percentile":269},"2026-03-23",0.25219,{"date":271,"score":244,"percentile":272},"2026-03-24",0.25218,{"date":274,"score":244,"percentile":275},"2026-03-25",0.25276,{"date":277,"score":244,"percentile":278},"2026-03-26",0.25334,{"date":280,"score":244,"percentile":281},"2026-03-27",0.2535,{"date":283,"score":244,"percentile":284},"2026-03-28",0.25377,{"date":286,"score":244,"percentile":287},"2026-03-29",0.25341,{"date":289,"score":244,"percentile":290},"2026-03-30",0.25321,{"date":292,"score":244,"percentile":293},"2026-03-31",0.25314,{"date":295,"score":244,"percentile":296},"2026-04-01",0.25331,{"date":298,"score":244,"percentile":299},"2026-04-02",0.25403,{"date":301,"score":244,"percentile":302},"2026-04-03",0.25414,{"date":304,"score":244,"percentile":305},"2026-04-04",0.25439,{"date":307,"score":244,"percentile":308},"2026-04-05",0.25387,{"date":310,"score":244,"percentile":311},"2026-04-06",0.25224,{"date":142,"score":96,"percentile":143},[314,319],{"source":100,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":315,"cvss_v4_0":9},{"baseScore":98,"baseSeverity":316,"vectorString":101,"impactScore":317,"exploitabilityScore":318},"MEDIUM",2.3,7.2,{"source":106,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":320,"cvss_v4_0":9},{"baseScore":98,"baseSeverity":316,"vectorString":101,"impactScore":317,"exploitabilityScore":318},[322],{"ecosystem":9,"name":323,"vendor":9,"product":323,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":324},"Webmail",[325,330],{"version":326,"is_range":327,"range_type":100,"version_start":9,"version_start_type":9,"version_end":328,"version_end_type":329,"fixed_in":9},"\u003C 1.5.13",true,"1.5.13","excluding",{"version":331,"is_range":327,"range_type":100,"version_start":332,"version_start_type":333,"version_end":334,"version_end_type":329,"fixed_in":9},">= 1.6.0, \u003C 1.6.13","1.6.0","including","1.6.13"]