CVE-2026-9818 Blast Radius

✕ WITHDRAWN — HISTORICAL DATARoundcube's HTML sanitization path for message rendering allows loopback, localhost, RFC1918, link-local, and ULA URLs even when remote content loadin