The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged government agencies to apply patches for two security flaws impacting Synacor Zimbra Collaboration Suite (ZCS) and Microsoft Office SharePoint, stating they have been actively exploited in the wild.
The vulnerabilities in question are as follows -

CVE-2025-66376 (CVSS score: 7.2) - A stored cross-site scripting



Source: TheHackerNews
Source Link: https://thehackernews.com/2026/03/cisa-warns-of-zimbra-sharepoint-flaw.html