Description
In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, the TNEF decoder was subject to denial of service via a crafted compressed-RTF size.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Tue, 14 Jul 2026 16:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, the TNEF decoder was subject to denial of service via a crafted compressed-RTF size. | |
| First Time appeared |
Roundcube
Roundcube webmail |
|
| Weaknesses | CWE-770 | |
| CPEs | cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Roundcube
Roundcube webmail |
|
| References |
|
|
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2026-07-14T17:27:50.013Z
Reserved: 2026-07-14T15:46:28.729Z
Link: CVE-2026-62641
No data.
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses