CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-33371

An issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. An XML External Entity (XXE) vulnerability exists in the Zimbra Exchange Web Services (EWS) SOAP interface due to improper handling of XML input. An authenticated attacker can submit crafted XML data that is processed by an XML parser with external entity resolution enabled. Successful exploitation may allow disclosure of sensitive local files from the server.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 13.5%

CVSS Severity

CVSS v3 Score 4.3

References

Products affected by CVE-2026-33371

Synacor » Zimbra Collaboration Suite » Version: 10.0.0

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.0
Synacor » Zimbra Collaboration Suite » Version: 10.0.1

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.1
Synacor » Zimbra Collaboration Suite » Version: 10.0.10

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.10
Synacor » Zimbra Collaboration Suite » Version: 10.0.11

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.11
Synacor » Zimbra Collaboration Suite » Version: 10.0.12

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.12
Synacor » Zimbra Collaboration Suite » Version: 10.0.13

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.13
Synacor » Zimbra Collaboration Suite » Version: 10.0.14

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.14
Synacor » Zimbra Collaboration Suite » Version: 10.0.15

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.15
Synacor » Zimbra Collaboration Suite » Version: 10.0.16

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.16
Synacor » Zimbra Collaboration Suite » Version: 10.0.17

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.17
Synacor » Zimbra Collaboration Suite » Version: 10.0.18

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.18
Synacor » Zimbra Collaboration Suite » Version: 10.0.2

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.2
Synacor » Zimbra Collaboration Suite » Version: 10.0.3

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.3
Synacor » Zimbra Collaboration Suite » Version: 10.0.4

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.4
Synacor » Zimbra Collaboration Suite » Version: 10.0.5

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.5
Synacor » Zimbra Collaboration Suite » Version: 10.0.6

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.6
Synacor » Zimbra Collaboration Suite » Version: 10.0.7

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.7
Synacor » Zimbra Collaboration Suite » Version: 10.0.8

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.8
Synacor » Zimbra Collaboration Suite » Version: 10.0.9

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.9
Synacor » Zimbra Collaboration Suite » Version: 10.1.0

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.1.0
Synacor » Zimbra Collaboration Suite » Version: 10.1.1

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.1.1
Synacor » Zimbra Collaboration Suite » Version: 10.1.10

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.1.10
Synacor » Zimbra Collaboration Suite » Version: 10.1.11

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.1.11
Synacor » Zimbra Collaboration Suite » Version: 10.1.12

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.1.12
Synacor » Zimbra Collaboration Suite » Version: 10.1.13

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.1.13
Synacor » Zimbra Collaboration Suite » Version: 10.1.14

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.1.14
Synacor » Zimbra Collaboration Suite » Version: 10.1.15

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.1.15
Synacor » Zimbra Collaboration Suite » Version: 10.1.2

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.1.2
Synacor » Zimbra Collaboration Suite » Version: 10.1.3

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.1.3
Synacor » Zimbra Collaboration Suite » Version: 10.1.4

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.1.4
Synacor » Zimbra Collaboration Suite » Version: 10.1.5

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.1.5
Synacor » Zimbra Collaboration Suite » Version: 10.1.6

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.1.6
Synacor » Zimbra Collaboration Suite » Version: 10.1.7

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.1.7
Synacor » Zimbra Collaboration Suite » Version: 10.1.8

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.1.8
Synacor » Zimbra Collaboration Suite » Version: 10.1.9

cpe:2.3:a:synacor:zimbra_collaboration_suite:10.1.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-33371

Products

Pricing

Contact Us