Browse all 35 CVE security advisories affecting Zohocorp. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Zohocorp primarily develops and distributes web application servers, most notably the Zimbra Collaboration Suite, which facilitates enterprise email and document management. Security audits have identified thirty-five Common Vulnerabilities and Exposures (CVEs) associated with its software ecosystem. Historically, these flaws predominantly involve remote code execution and cross-site scripting, allowing attackers to bypass authentication or inject malicious scripts into web interfaces. Privilege escalation vulnerabilities have also been documented, enabling unauthorized users to gain administrative control over compromised systems. While no single catastrophic incident defines the company’s entire history, the recurring nature of these critical flaws highlights persistent challenges in input validation and access control within its legacy codebase. The accumulation of these CVEs underscores the necessity for rigorous patch management and continuous security monitoring for organizations relying on Zohocorp’s infrastructure, as unaddressed vulnerabilities remain a significant risk vector for data breaches and system compromise.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-1367 | SQL Injection — ManageEngine ADSelfService PlusCWE-89 | 8.3 | High | 2026-02-23 |
| CVE-2025-11250 | Authentication Bypass — ManageEngine ADSelfService PlusCWE-290 | 9.1 | Critical | 2026-01-13 |
This page lists every published CVE security advisory associated with Zohocorp. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.