Unrated severityCISA KEVNVD Advisory· Published Nov 19, 2021· Updated Oct 21, 2025
CVE-2021-44026
CVE-2021-44026
Description
Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search_params.
Affected products
1- Roundcube/Roundcubedescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDVGIZMQJ5IOM47Y3SAAJRN5VPANKTKO/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TP3Y5RXTUUOUODNG7HFEKWYNIPIT2NL4/mitrevendor-advisoryx_refsource_FEDORA
- www.debian.org/security/2021/dsa-5013mitrevendor-advisoryx_refsource_DEBIAN
- bugs.debian.org/1000156mitrex_refsource_MISC
- github.com/roundcube/roundcubemail/commit/c8947ecb762d9e89c2091bda28d49002817263f1mitrex_refsource_MISC
- github.com/roundcube/roundcubemail/commit/ee809bde2dcaa04857a919397808a7296681dcfamitrex_refsource_MISC
- lists.debian.org/debian-lts-announce/2021/12/msg00004.htmlmitremailing-listx_refsource_MLIST
News mentions
0No linked articles in our index yet.