CVE-2026-35541 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Incorrect password comparison in the password plugin could lead to type confusion that al…
Medium CVSS: 4.2

CVE-2026-35541

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Incorrect password comparison in the password plugin could lead to type confusion that allows a password change without knowing the old password.
Vendor
-
Product
-
CWE
CWE-843
Yayın Tarihi
2026-04-03 05:16:22
Güncelleme
2026-04-03 16:10:23
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-843 MEDIUM 2026

Referanslar

https://github.com/roundcube/roundcubemail/commit/2e6a99b2a38110907ea8d3be8e59ec3d5802c394 https://github.com/roundcube/roundcubemail/commit/6a275676a8043083c05c961914d830b79e2490d4 https://github.com/roundcube/roundcubemail/commit/6fa2bddc59b9c9fd31cad4a9e2954a208d793dce https://github.com/roundcube/roundcubemail/releases/tag/1.5.14 https://github.com/roundcube/roundcubemail/releases/tag/1.6.14 https://github.com/roundcube/roundcubemail/releases/tag/1.7-rc5 https://roundcube.net/news/2026/03/18/security-updates-1.7-rc5-1.6.14-1.5.14