CVE-2025-68461: RoundCube Webmail Cross-site Scripting Vulnerability.

RoundCube Webmail Cross-site Scripting Vulnerability. RoundCube Webmail contains a cross-site scripting vulnerability via the animate tag in an SVG document.

• CISA KEV-listed (remediation due 2026-03-13)
• EPSS 6.9% (91.6% percentile)

Browse the CVE database

Read the full analysis on IntelFusions