🔥 This vulnerability is being actively exploited in the wild (CISA Known Exploited Vulnerabilities catalog)
CVE-2025-66376: Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting Vulnerability
Summary
Zimbra Collaboration Suite (ZCS) has a cross-site scripting vulnerability (XSS, a type of attack where malicious code runs in a user's browser) in its Classic UI. Attackers can exploit it through CSS @import directives (special commands that load external stylesheets) in email HTML. The vulnerability is being actively exploited in real-world attacks.
Solution / Mitigation
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. The due date for remediation is 2026-04-01.
Vulnerability Details
EPSS: 0.0%
Yes
🔥 Actively Exploited
March 17, 2026
Classification
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-66376
First tracked: March 18, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 95%