Zimbra security advisory (AV26-667)
Serial number: AV26-667 Date: July 7, 2026 On July 7, 2026, Zimbra published a security advisory to address vulnerabilities in the following product: Zimbra Collaboration Suite (ZCS) Classic Web Client – versions prior to v10.1.19 The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates. Patch Release Update: Zimbra 10.1.19 Zimbra Patch Release Updates
CSIRTS triage
- What
- Zimbra published a security advisory to address vulnerabilities in the ZCS Classic Web Client.
- Who is affected
- Users and administrators of Zimbra Collaboration Suite versions prior to v10.1.19.
- Urgency
- Remediation is recommended to ensure security, although exploitation status is unclear.
- Action
- Upgrade to Zimbra version 10.1.19 or later.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch Collaboration Suite (ZCS) Classic Web Client
Get an email when a new Collaboration Suite (ZCS) Classic Web Client advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://cyber.gc.ca/en/alerts-advisories/zimbra-security-advisory-av26-667
More from Canadian Centre for Cyber Security
- unknownBitWarden security advisory (AV26-683)2026-07-10
- criticalAL25-007 - Vulnerability impacting Roundcube Webmail – CVE-2025-49113 – Update 12026-07-10
- unknownMicrosoft Edge security advisory (AV26-682)2026-07-10
- criticalBroadcom VMware security advisory (AV26-681)2026-07-10
- unknownDjango security advisory (AV26-084) – Update 12026-07-09