Such a development comes after the vulnerability was discovered by Proofpoint to be leveraged in intrusions beginning September 28, following the release of its proof-of-concept exploit code and technical information by Project Discovery.
Article Link: Maximum severity Zimbra bug added to Known Exploited Vulnerabilities catalog | SC Media