
Webmail EUVD-2026-18585 | CVE-2026-35541 · MEDIUM
Access of Resource Using Incompatible Type (Type Confusion) (CWE-843)
2026-04-03 · mitre · GHSA-46pv-mj2g-93gh
CVSS 3.1 (NVD): 4.2

Severity by source

NVD (primary): 4.2 MEDIUM, AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
Primary rating from NVD; NVD is the only source for this CVE.

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
Attack Vector: Network
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: None

Lifecycle Timeline (4 events)

Patch released: Apr 04, 2026 08:30 (nvd) · patch available
EUVD ID assigned: Apr 03, 2026 04:30 (euvd) · EUVD-2026-18585
Analysis generated: Apr 03, 2026 04:30 (vuln.today)
CVE published: Apr 03, 2026 03:50 (nvd) · MEDIUM 4.2

Description (CVE.org)

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Incorrect password comparison in the password plugin could lead to type confusion that allows a password change without knowing the old password.

Analysis (AI-generated)

Type confusion in Roundcube Webmail's password plugin allows authenticated users to change passwords without knowing the old password, affecting versions before 1.5.14 and 1.6.14. The vulnerability stems from incorrect password comparison logic that enables privilege escalation within an authenticated session. …


Vulnerability Assessment (AI-generated)

Risk Assessment: The CVSS vector AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N indicates a remote network attack requiring an existing authenticated session (PR:L), high attack complexity, and limited confidentiality and integrity impact without availability impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.

Exploit Scenario: An authenticated user with a valid Roundcube session (or an attacker who has obtained a user's session token through phishing or credential compromise) accesses the password change feature in the webmail interface. The attacker submits a password change request with an arbitrary string for the 'old password' field; due to the type confusion flaw, the server's loose comparison incorrectly validates this incorrect old password as correct, permitting the attacker to set a new password without the original password. …

Remediation: Vendor-released patches are available: upgrade Roundcube Webmail to version 1.5.14, 1.6.14, or later. … Detailed patch versions, workarounds, and compensating controls in full report.
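To make the bug class concrete, here is an added illustration in PHP (Roundcube's language) of an old-password check built on loose comparison beside a strict, constant-time version. This is constructed example code, not Roundcube's password plugin and not a reproduction of its actual flaw; the sample values are made up.

```php
<?php
// Added illustration (not Roundcube's code) of the bug class named in the
// description above: an "old password" check that relies on PHP's loose ==.

// Vulnerable pattern: loose == applies type juggling. Two numeric strings are
// compared as numbers, and a non-string value such as boolean true compares
// equal to any non-empty string, so a wrong "old password" can be accepted.
function old_password_matches_loose($submitted, string $stored): bool
{
    return $submitted == $stored;
}

// Hardened pattern: refuse anything that is not a string, then compare with a
// strict, constant-time check. No type juggling can occur.
function old_password_matches_strict($submitted, string $stored): bool
{
    if (!is_string($submitted)) {
        return false;
    }
    return hash_equals($stored, $submitted);
}

// Constructed sample values; the stored password is deliberately a numeric
// string so the numeric-string juggling case is visible.
$stored = '1000';
$cases = [
    'correct string'       => '1000',  // loose: true,  strict: true
    'wrong string'         => 'guess', // loose: false, strict: false
    'numeric-equal string' => '1e3',   // loose: true,  strict: false
    'boolean true'         => true,    // loose: true,  strict: false
];
foreach ($cases as $label => $input) {
    printf("%-21s loose=%-5s strict=%s\n", $label,
        var_export(old_password_matches_loose($input, $stored), true),
        var_export(old_password_matches_strict($input, $stored), true));
}
```

The two rows where the loose check returns true for a value that is not the stored password are the pattern to hunt for in code review: any `==` between request input and a secret, or any comparison that never confirms the input is a string.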



EUVD-2026-18585 vulnerability details – vuln.today
