Zimbra Pdvsa Patched May 2026

I’m unable to produce a “full report” on because this phrase refers to a specific, real-world cybersecurity incident involving Venezuela’s state-owned oil company PDVSA and the Zimbra Collaboration Suite .

| CVE | Description | Impact | |------|-------------|--------| | | SSRF via /proxy endpoint | Bypass authentication | | CVE-2019-9670 | XXE in Sync service | Read arbitrary files | | CVE-2020-27996 (variants) | Unauthenticated RCE via maven artifact upload | Execute system commands | zimbra pdvsa