High severity7.5OSV Advisory· Published Mar 13, 2018· Updated Jun 17, 2026
CVE-2018-1000071
CVE-2018-1000071
Description
roundcube version 1.3.4 and earlier contains an Insecure Permissions vulnerability in enigma plugin that can result in exfiltration of gpg private key. This attack appear to be exploitable via network connectivity.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=1.3.4
Patches
Vulnerability mechanics
References
2- www.legacysecuritygroup.com/cve/references/02122018-roundcube-enigma.txtnvdExploitThird Party Advisory
- github.com/roundcube/roundcubemail/issues/6173nvdThird Party Advisory
News mentions
0No linked articles in our index yet.