We just released an update for a critical vulnerability to Roundcube. More information can be found here: Roundcube ≤ 1.6.10 Post-Auth RCE via PHP Object Deserialization [CVE-2025-49113]
Please make sure that your interworx-roundcube package is at least versions:
InterWorx 7 - interworx-roundcube-1.5.10-3022
InterWorx 8 - interworx-roundcube-1.6.11-3021
All that should be required to update is to run:
yum clean all
yum update
Barring you doing this manually, the update should install with the next daily cron (times differ depending on the server).
Thank you,
Brandon