This vulnerability is being actively exploited in the wild (CISA Known Exploited Vulnerabilities catalog)
CVE-2025-68461: RoundCube Webmail Cross-site Scripting Vulnerability
Summary
RoundCube Webmail has a cross-site scripting vulnerability (XSS, a type of attack where malicious code is injected into a webpage to run in users' browsers) that can be triggered through the animate tag in SVG documents. This vulnerability is currently being actively exploited by attackers in the wild. Organizations using RoundCube Webmail need to take action by the March 13, 2026 deadline.
Solution / Mitigation
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Security updates are available in versions 1.6.12 and 1.5.12 (see vendor release notes at https://roundcube.net/news/2025/12/13/security-updates-1.6.12-and-1.5.12).
Vulnerability Details
EPSS: 6.3%
Actively Exploited
Classification
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-68461
First tracked: February 20, 2026 at 07:00 PM
Classified by LLM (prompt v3) · confidence: 95%