CISA patch guidance for Zimbra and SharePoint flaws

Advisory/Mitigation
Happening score: 60
1 unique source, 1 article

Summary

CISA told FCEB agencies to patch two actively exploited vulnerabilities in Synacor Zimbra Collaboration Suite (ZCS) and Microsoft Office SharePoint, creating immediate risk for government collaboration systems. The directive covers CVE-2025-66376 in ZCS and CVE-2026-20963 in SharePoint, with deadlines of March 23, 2026 and April 1, 2026. Public reporting does not identify the attackers or the scale of exploitation, but both flaws are already fixed and require prompt remediation.

Cases

Related Happenings

Pretalx stored XSS (CVE-2026-41241)

Vulnerability
First: 27.05.2026 17:30 Last: 27.05.2026 17:30 Sources 1

About this happening: A high-severity **stored XSS** in **Pretalx** tracked as **CVE-2026-41241** let registered speakers inject code that could run when an organizer searched a submission, creating **...

SAP May 2026 security updates for Commerce Cloud and S/4HANA (15 vulnerabilities)

Security Patch Release
First: 12.05.2026 14:04 Last: 12.05.2026 14:04 Sources 1

About this happening: **SAP** released its **May 2026 security updates** for **15 vulnerabilities** across **Commerce Cloud**, **S/4HANA**, and other products, including **two critical flaws** that can...

Synacor Zimbra CVE-2025-48700 security patch release

Security Patch Release
First: 24.04.2026 16:35 Last: 24.04.2026 16:35 Sources 1

About this happening: Synacor released **security patches** for **CVE-2025-48700**, fixing an **XSS flaw** in **Zimbra Classic UI** that could be triggered by a **malicious email** and expose **sensiti...

Zimbra Collaboration Suite actively exploited XSS flaw (CVE-2025-48700)

Vulnerability
First: 24.04.2026 16:35 Last: 24.04.2026 16:35 Sources 1

About this happening: **CVE-2025-48700** is an **actively exploited XSS flaw** in **Zimbra Collaboration Suite (ZCS)** that can let unauthenticated attackers run JavaScript inside a user's session and...

NIST CVE/NVD prioritization shift

Public Sector Action
First: 17.04.2026 00:47 Last: 17.04.2026 00:47 Sources 1

About this happening: **NIST** is **changing** its **CVE/NVD prioritization** so that, starting **April 15, 2026**, it will provide full details only for a **subset of CVEs**. The shift matters because...

Timeline

  1. 19.03.2026 08:05 1 article · 2mo ago

    Interlock exploits Cisco firewall zero-day for initial access

    Exploitation Observed

    Threat actors associated with Interlock ransomware have exploited Cisco's firewall management software CVE-2026-20131 as a zero-day since January 26, 2026, using the edge-device flaw to gain initial access to target networks and showing a continuing focus on perimeter devices.

  2. 19.03.2026 08:05 2 articles · 2mo ago

    CISA urges FCEB patching for Zimbra and SharePoint flaws

    Mitigation Patch Update

    CISA urged Federal Civilian Executive Branch (FCEB) agencies to apply patches for CVE-2025-66376 in Synacor Zimbra Collaboration Suite (ZCS) by April 1, 2026 and CVE-2026-20963 in Microsoft Office SharePoint by March 23, 2026 after identifying both flaws as actively exploited in the wild.