A vulnerability marked as problematic has been reported in Roundcube Webmail up to 1.6.15/1.7.0 . Affected is an unknown function of the component LDAP . This manipulation causes incorrect control flow. This vulnerability is handled as CVE-2026-48844 . The attack can be initiated remotely. There is not any exploit available. It is suggested to upgrade the affected component.