{"uuid": "4dda02a8-e53f-4bce-a943-207f1f54e2c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54433", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mq7vmy67ro2v", "content": "A Roundcube zero-click XSS, CVE-2026-54433, lets an email run script with no click. Roundcube 1.7.2 also fixes a second stored XSS. Update now.\n\n#Roundcube #XSS #ZeroClick #Webmail #StoredXSS #CyberSecurity #Vulnerability #InfoSec", "creation_timestamp": "2026-07-09T15:01:27.199485Z"}