{"id":10856,"date":"2026-02-22T07:03:58","date_gmt":"2026-02-22T07:03:58","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/02\/22\/cisa-adds-two-actively-exploited-html\/"},"modified":"2026-02-22T07:03:58","modified_gmt":"2026-02-22T07:03:58","slug":"cisa-adds-two-actively-exploited-html","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/02\/22\/cisa-adds-two-actively-exploited-html\/","title":{"rendered":"CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog"},"content":{"rendered":"<p>    CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added two security flaws impacting Roundcube webmail software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.<br \/>\nThe vulnerabilities in question are listed below &#8211;<\/p>\n<p>CVE-2025-49113 (CVSS score: 9.9) &#8211; A deserialization of untrusted data vulnerability that allows remote code<\/p><\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><\/p>\n<p> \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/thehackernews.com\/2026\/02\/cisa-adds-two-actively-exploited.html\">Go to TheHackersNews<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added two security flaws impacting Roundcube webmail software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities in question are listed below &#8211; CVE-2025-49113 (CVSS score: 9.9) &#8211; A deserialization [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[60],"tags":[76],"class_list":["post-10856","post","type-post","status-publish","format-standard","hentry","category-thehackersnews","tag-thehackersnews"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/10856"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=10856"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/10856\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=10856"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=10856"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=10856"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}