CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

Vulnerability in Synacor Zimbra Collaboration (July 7, 2026)

unknown
A vulnerability has been discovered in Synacor Zimbra Collaboration. It allows an attacker to cause a remote indirect code injection (XSS).

CSIRTS triage

What
A vulnerability allows remote indirect code injection (XSS).
Who is affected
Users of Synacor Zimbra Collaboration are affected.
Urgency
The urgency is unclear due to the unknown severity of the vulnerability.
Action
Monitor for updates and apply patches as they become available.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch Zimbra Collaboration

Get an email when a new Zimbra Collaboration advisory drops — max one per day, one-click unsubscribe.

Details

Source
CERT-FR Avis de sécurité (FR · national-cert · site)
Severity
unknown
Published
2026-07-07
Exploitation
Not in CISA KEV at last sync
Language
Machine-translated to English — verify against the original

Original advisory: https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0844/

Recent advisories for Synacor Zimbra Collaboration

A cluster of recent advisories against the same product widens the attack surface — attackers routinely chain freshly published CVEs on one product, so review these together.

More from CERT-FR Avis de sécurité