CVE advisoryKnown Exploit
CVE-2025-68645
Zimbra Collaboration: File Inclusion Vulnerability
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
A Local File Inclusion vulnerability exists in Zimbra Collaboration's Webmail Classic UI. This allows unauthenticated remote attackers to include arbitrary files from the WebRoot directory. This impacts affected organizations by posing a risk of unauthorized data access and potential service disruption. Attackers can e