CVE-2019-15237by Jeremyin Security Bulletinson Posted on August 20, 2019 Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, leading to homograph attacks.