Zimbra Archives • Daily CyberSecurity

CISA Warns of Active Exploitation in Cisco, PaperCut, and Zimbra TP-Link, CISA CVE-2023-32315 CISA KEV Catalog Active Exploitation

CISA Warns of Active Exploitation in Cisco, PaperCut, and Zimbra

Do Son April 21, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) Catalog, adding eight...

Triple Threat Patched: Zimbra 10.1.16 Fixes XSS, XXE & LDAP Injection

Do Son February 13, 2026

Zimbra has rolled out a significant security update for its collaboration suite, releasing Zimbra 10.1.16 to address...

CISA Adds 4 Critical Flaws to “Must-Patch” List as Exploits Surge CISA KEV Update Versa Concerto Vulnerability KEV Catalog Vulnerability Patch CVE-2025-30406

CISA KEV Update Versa Concerto Vulnerability KEV Catalog Vulnerability Patch CVE-2025-30406

CISA Adds 4 Critical Flaws to “Must-Patch” List as Exploits Surge

Do Son January 23, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with four...

Zimbra Under Siege: High-Severity LFI Vulnerability Exposes Internal Files to Unauthenticated Attackers

Do Son December 25, 2025

Administrators of the popular Zimbra Collaboration Suite (ZCS) are being urged to patch immediately after the discovery...

Critical Zimbra Flaw Fixed: Patch Addresses Multiple Stored XSS and Unauthenticated LFI in Mail Client Zimbra Critical XSS, Unauthenticated LFI

Zimbra Critical XSS, Unauthenticated LFI

Critical Zimbra Flaw Fixed: Patch Addresses Multiple Stored XSS and Unauthenticated LFI in Mail Client

Do Son November 11, 2025

Zimbra has issued a critical security patch, Zimbra Daffodil (v10.1.13), to address a host of vulnerabilities in...

Zimbra Issues Emergency Patch for Critical SSRF Vulnerability in Chat Proxy Configuration Zimbra SSRF, Chat Proxy Flaw

Zimbra Issues Emergency Patch for Critical SSRF Vulnerability in Chat Proxy Configuration

Do Son October 17, 2025

Zimbra has released an emergency security patch (version 10.1.12) to address a critical Server-Side Request Forgery (SSRF)...

Zimbra XSS Zero-Day (CVE-2025-27915) Actively Exploited; CISA Adds to KEV Catalog State-Sponsored Exploitation CISA KEV Catalog F5 BIG-IP RCE CISA KEV Catalog SolarWinds WHD Exploit CVE-2025-40551 Zimbra XSS Zero-Day CVE-2025-27915 Exploited Windows Security Vulnerabilities

State-Sponsored Exploitation CISA KEV Catalog F5 BIG-IP RCE CISA KEV Catalog SolarWinds WHD Exploit CVE-2025-40551 Zimbra XSS Zero-Day CVE-2025-27915 Exploited Windows Security Vulnerabilities

Zimbra XSS Zero-Day (CVE-2025-27915) Actively Exploited; CISA Adds to KEV Catalog

Do Son October 8, 2025

A cross-site scripting (XSS) vulnerability in Synacor Zimbra Collaboration Suite (ZCS) — tracked as CVE-2025-27915 — has...

Lotus Blossom Hackers Target Southeast Asia with Sagerunex Backdoor Lotus Blossom group - Sagerunex backdoor

Lotus Blossom Hackers Target Southeast Asia with Sagerunex Backdoor

Do Son March 2, 2025

A sophisticated cyber espionage operation linked to the Lotus Blossom group has been discovered targeting government, manufacturing,...

CISA Flags Actively Exploited Zimbra (CVE-2023-34192) and Microsoft (CVE-2024-49035) Vulnerabilities CISA KEV Catalog Active Exploitation CVE-2023-33063 - CVE-2023-34192 and CVE-2024-49035

CISA KEV Catalog Active Exploitation CVE-2023-33063 - CVE-2023-34192 and CVE-2024-49035

CISA Flags Actively Exploited Zimbra (CVE-2023-34192) and Microsoft (CVE-2024-49035) Vulnerabilities

Do Son February 25, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning, adding two critical vulnerabilities to its...

Zimbra Email Servers Under Attack: CISA Flags CVE-2024-45519 as Actively Exploited

Do Son October 4, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in Zimbra email servers,...

Winter Vivern Targets Roundcube’s Zero-Day Vulnerability CVE-2023-5631

Winter Vivern Targets Roundcube’s Zero-Day Vulnerability

Do Son October 26, 2023

The cybercriminals under the pseudonym Winter Vivern were observed exploiting a zero-day vulnerability in the Roundcube Webmail...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

Zimbra

CISA Warns of Active Exploitation in Cisco, PaperCut, and Zimbra

Triple Threat Patched: Zimbra 10.1.16 Fixes XSS, XXE & LDAP Injection

CISA Adds 4 Critical Flaws to “Must-Patch” List as Exploits Surge

Zimbra Under Siege: High-Severity LFI Vulnerability Exposes Internal Files to Unauthenticated Attackers

Critical Zimbra Flaw Fixed: Patch Addresses Multiple Stored XSS and Unauthenticated LFI in Mail Client

Zimbra Issues Emergency Patch for Critical SSRF Vulnerability in Chat Proxy Configuration

Zimbra XSS Zero-Day (CVE-2025-27915) Actively Exploited; CISA Adds to KEV Catalog

Lotus Blossom Hackers Target Southeast Asia with Sagerunex Backdoor

CISA Flags Actively Exploited Zimbra (CVE-2023-34192) and Microsoft (CVE-2024-49035) Vulnerabilities

Zimbra Email Servers Under Attack: CISA Flags CVE-2024-45519 as Actively Exploited

Winter Vivern Targets Roundcube’s Zero-Day Vulnerability