Friday, 10 July 2026

Zimbra releases security updates

Zimbra developers released security updates to fix vulnerability that affects all versions of Zimbra. An attacker could exploit some of these vulnerabilities (CVE-2025-66376, CVE-2025-67809, CVE-2025-68645) to trigger cross-site scripting, denial of service condition, execute arbitrary files from the WebRoot directory, security restriction bypass and sensitive information disclosure on the targeted system.

Security vulnerability is fixed in the following Zimbra versions:

Source: zimbra.com

28 January 2026

-
33