Tracked as CVE-2026-11405, the vulnerability allows unauthenticated attackers to access a device's web management interface.
A China-linked threat cluster has been exploiting vulnerable Roundcube servers at U.S. and Canadian universities to steal ...