U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds MRLG, PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog.
The catalog additions include an MRLG buffer overflow, a PHPMailer command injection, a Rails Ruby on Rails path traversal, and a server-side request forgery (SSRF) in Zimbra Collaboration Suite (ZCS).
The vulnerabilities pose risks of memory corruption, arbitrary code execution, file content disclosure, and SSRF, affecting various software versions.
Federal agencies are required to address these vulnerabilities by July 28, 2025, in alignment with a security directive to mitigate the risks of known exploited vulnerabilities.