CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

Zimbra security advisory (AV26-667)

unknown
Serial number: AV26-667 Date: July 7, 2026 On July 7, 2026, Zimbra published a security advisory to address vulnerabilities in the following product: Zimbra Collaboration Suite (ZCS) Classic Web Client – versions prior to v10.1.19 The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates. Patch Release Update: Zimbra 10.1.19 Zimbra Patch Release Updates

CSIRTS triage

What
Zimbra published a security advisory to address vulnerabilities in the ZCS Classic Web Client.
Who is affected
Users and administrators of Zimbra Collaboration Suite versions prior to v10.1.19.
Urgency
Remediation is recommended to ensure security, although exploitation status is unclear.
Action
Upgrade to Zimbra version 10.1.19 or later.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch Collaboration Suite (ZCS) Classic Web Client

Get an email when a new Collaboration Suite (ZCS) Classic Web Client advisory drops — max one per day, one-click unsubscribe.

Details

Source
Canadian Centre for Cyber Security (CA · national-cert · site)
Severity
unknown
Published
2026-07-07
Exploitation
Not in CISA KEV at last sync

Original advisory: https://cyber.gc.ca/en/alerts-advisories/zimbra-security-advisory-av26-667

More from Canadian Centre for Cyber Security