This is a security update to the stable version 1.6 of Roundcube Webmail. It provides fixes to recently reported security vulnerabilities: Fix Post-Auth RCE via PHP Object Deserialization reported by firs0v. This version is considered stable and we recommend to update all productive installations of Roundcube 1.6.x with it. Please do backup your data before

Source: Fedora 41: 2025-a5f56fe8ff critical: roundcubemail RCE issue