Critical Decade-Old Vulnerability Discovered in Roundcube Webmail Software

Cybersecurity researchers have revealed a critical vulnerability in the Roundcube webmail software that has been present for a decade. This vulnerability, identified as CVE-2025-49113, has a CVSS score of 9.9 out of 10.0. It allows for the remote execution of arbitrary code after authentication. The flaw could be exploited to take control of vulnerable systems.