GHSA-345h-r9m2-jr4pMediumCVSS 4.3

In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, an infinite loop was discovered in the...

Published
July 14, 2026
Last Modified
July 14, 2026

🔗 CVE IDs covered (1)

📋 Description

In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, an infinite loop was discovered in the TNEF decoder, which may lead to denial of service upon opening an email with a TNEF attachment.

🔗 References (9)