Zimbra has unveiled software upgrades to rectify significant security vulnerabilities in its Collaboration software that, if effectively exploited, might lead to data exposure under particular circumstances.
This weakness, labeled as CVE-2025-25064, holds a CVSS rating of 9.8 out of a peak of 10.0. It has been characterized as an SQL injection defect within the ZimbraSync Service SOAP interface impacting