Security News CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog TheHackerNews Daniel Bender 21 Feb 2026 CISA added two actively exploited Roundcube flaws to its KEV list, including a 9.9-rated RCE weaponized within 48 hours and an SVG-based XSS bug.
