Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Zimbra — Vulnerabilities & Security Advisories 6

Browse all 6 CVE security advisories affecting Zimbra. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Zimbra serves as a collaborative email and calendaring platform, primarily used by organizations for unified communication. Historically, it has been susceptible to various vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from input validation flaws and insecure default configurations. The platform's complex architecture and extensive feature set have contributed to security challenges, with past incidents involving unauthorized access and data breaches. Despite these issues, Zimbra remains widely deployed, necessitating regular security updates and hardening to mitigate risks associated with its known CVE history.

Top products by Zimbra: Zimbra Collaboration zm-ajax zm-admin-ajax
CVE IDTitleCVSSSeverityPublished
CVE-2025-66376 Zimbra Collaboration 跨站脚本漏洞 — CollaborationCWE-79 7.2 High2026-01-05
CVE-2025-62763 Zimbra Collaboration 代码问题漏洞 — CollaborationCWE-918 5.0 Medium2025-10-21
CVE-2024-9665 Zimbra GraphQL Cross-Site Request Forgery Information Disclosure Vulnerability — ZimbraCWE-352 6.5 -2024-11-22
CVE-2017-20191 Zimbra zm-admin-ajax Form Textbox Field Error XFormItem.js XFormItem.prototype.setError cross site scripting — zm-admin-ajaxCWE-79 3.5 Low2024-03-31
CVE-2017-20188 Zimbra zm-ajax XFormItem.js XFormItem.prototype.setError cross site scripting — zm-ajaxCWE-79 2.6 Low2024-01-02
CVE-2013-1938 Zimbra aspell.php 跨站脚本漏洞 — Zimbra 6.1 -2020-02-12

This page lists every published CVE security advisory associated with Zimbra. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.