Threat Advisories - NVD Disclosed November 19, 2021

CVE-2021-44026

Roundcube Webmail SQL Injection Vulnerability.

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

Roundcube Webmail has a vulnerability in its search functionality. This flaw allows for unauthorized data access and could disrupt operations. Organizations using affected versions face business risk and potential data compromise.

NVD published: November 19, 2021 • CISA KEV