> EssentialInfoSec
Home / Feb 23, 2026 / Story
0
#4 The Hacker News general February 21, 2026 at 07:21 UTC

CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog

By [email protected] (The Hacker News)

AI Summary

CISA added two actively exploited Roundcube webmail vulnerabilities to its KEV catalog on Friday: CVE-2025-49113 (CVSS 9.9) for deserialization of untrusted data allowing remote code execution, and another unspecified flaw. Organizations using Roundcube must prioritize patching as these vulnerabilities are being exploited in the wild by threat actors.

Read full article → https://thehackernews.com/2026/02/cisa-adds-two-ac…

Relevance score: 88.0/100

# More from February 23

  1. 1
    AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries The Hacker News
  2. 2
    Amazon: AI-assisted hacker breached 600 FortiGate firewalls in 5 weeks BleepingComputer
  3. 3
    Critical Grandstream Phone Vulnerability Exposes Calls to Interception SecurityWeek
  4. 5
    Predator spyware hooks iOS SpringBoard to hide mic, camera activity BleepingComputer
  5. 6
    Arkanix Stealer pops up as short-lived AI info-stealer experiment BleepingComputer
  6. 7
    Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning The Hacker News
  7. 8
    EC-Council Expands AI Certification Portfolio to Strengthen U.S. AI Workforce Readiness and Security The Hacker News
  8. 9
    Major government research lab appears to be squeezing out foreign scientists Ars Technica Security
  9. 10
    Study shows how rocket launches pollute the atmosphere Ars Technica Security