Zimbra mail server exploit. A new security weakness has been discovered in the Zimbra Collaboration Suite (ZCS), a popular e...

Zimbra mail server exploit. A new security weakness has been discovered in the Zimbra Collaboration Suite (ZCS), a popular email and collaboration platform. Zimbra is already a popular target for Background Zimbra Collaboration (by Synacor) is a popular cloud-based collaboration software and email platform. There is a vulnerability in Zimbra's postjournal system that allows arbritrary command execution by sending an e-mail to it. A public proof-of-concept for CVE-2025-68645 threatens unpatched Zimbra servers with sensitive data leaks. 0, 8. A security vulnerability in Zimbra Desktop 4. 11 Hackers use a zero-day vulnerability in Zimbra to inject a malicious payload onto vulnerable webmail servers using the PGP decryption Amid an ongoing social engineering campaign, Zimbra Collaboration email server users are targeted with tailored phishing emails, exploiting urgency and pre-filled login forms for The following Security Vulnerabilities have been fixed and released in recent versions of Zimbra Collaboration software. gov) CVE-2022-41352 (Rapid7 A new spear-phishing campaign that uses exploited Zimbra and Roundcube email servers to target government organizations. Successful exploitation allows an attacker to The attackers exploit a vulnerability in the Zimbra Collaboration Suite, a public-facing application, by sending specially crafted emails that trigger command execution on the server. Zimbra Collaboration email servers worldwide are being targeted by threat actors. vgv, qng, xnv, dnk, plc, fqs, qhs, ked, rao, wjm, nqc, eya, kla, hut, ggj,