Jul 112026 Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions Zimbra fixes a critical stored XSS flaw in its Classic Web Client that could let crafted emails run malicious scripts when opened. Update to 10.1.19.