OpenText has fixed two remote code execution vulnerabilities in its Extended ECM content management server.
Active exploitation of the CVE-2022-47966 ManageEngine flaw is underway.
Thousands of internet-exposed servers remain vulnerable to the critical-severity ConnectWise flaw.
Mass exploitation of a new Fortinet authentication bypass flaw (CVE-2022-40684) is ongoing and proof of concept exploits are available.
Zimbra has published mitigations against the actively exploited flaw (CVE-2022-41352) in Zimbra Collaboration Suite; however, it has yet to issue a fix.