Lucene search
+L

2188 matches found

NCSC
NCSC
added 2026/05/15 12:8 p.m.16 views

The vulnerability was exploited in Exim.

The developers of Exim introduced a vulnerability in the Exim Mail Transfer Agent versions prior to 4.99.3. This vulnerability involves a use-after-free in the BDAT body parsing process, specifically when certain GnuTLS backend configurations are used. An unauthorized attacker can exploit this...

9.8CVSS6.4AI score0.01225EPSS
Exploits2References4
OSV
OSV
added 2026/05/13 4:48 p.m.7 views

CLSA-2026-1778690918 exim: Fix of CVE-2026-40686

CVE-2026-40686: out-of-bounds read in the GETUTF8INC macro in src/expand.c when processing malformed UTF-8 in expansion operators with utf8 enabled, potentially disclosing heap data via SMTP rejection messages...

5.3CVSS6AI score0.00246EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/13 2:21 p.m.12 views

SUSE CVE-2026-45185

Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS closenotify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to...

9.8CVSS6.2AI score0.01225EPSS
Exploits2References3
RedhatCVE
RedhatCVE
added 2026/05/13 12:43 p.m.26 views

CVE-2026-45185

A flaw was found in Exim. An unauthenticated remote attacker could exploit a use-after-free vulnerability in the BDAT body parsing path when a client sends a TLS closenotify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to heap...

9.8CVSS6.3AI score0.01225EPSS
Exploits2References2
Packet Storm News
Packet Storm News
added 2026/05/13 12:0 a.m.11 views

Exim 4.99.2 Memory Corruption

A remotely reachable memory corruption issue was discovered in Exim's GnuTLS backend. The vulnerability is triggered during BDAT message body handling when a client sends a TLS closenotify alert before the body transfer is complete, and then follows up with a final byte in cleartext on the same T...

5.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.5 views

The vulnerability of the ungetc() function in the BDAT/CHUNKING component of the email server Exim, which allows a hacker to execute arbitrary code.

The vulnerability of the ungetc function in the BDAT/CHUNKING component of the email server Exim relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS7.8AI score0.01225EPSS
Exploits2References6Affected Software2
EUVD
EUVD
added 2026/05/12 9:31 p.m.22 views

EUVD-2026-29824

Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS closenotify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to...

9.8CVSS6.2AI score0.01225EPSS
Exploits2References8
NVD
NVD
added 2026/05/12 8:16 p.m.32 views

CVE-2026-45185

Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS closenotify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to...

9.8CVSS0.01225EPSS
Exploits2References8
OSV
OSV
added 2026/05/12 8:16 p.m.8 views

UBUNTU-CVE-2026-45185

Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS closenotify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to...

9.8CVSS6.2AI score0.01225EPSS
Exploits2References6
GithubExploit
GithubExploit
added 2026/05/12 5:51 p.m.350 views

Exploit for CVE-2026-45185

CVE-2026-45185 — "Dead.Letter" Exim Vulnerability Scanner A s...

9.8CVSS6.3AI score0.01225EPSS
Exploits2
The Hacker News
The Hacker News
added 2026/05/12 4:44 p.m.17 views

New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution

Exim has released security updates to address a severe security issue affecting certain configurations that could enable memory corruption and potential code execution. Exim is an open-source Mail Transfer Agent MTA designed for Unix-like systems to receive, route, and deliver email. The...

9.8CVSS6.5AI score0.01225EPSS
Exploits2
Ubuntu
Ubuntu
added 2026/05/12 2:53 p.m.19 views

USN-8270-1: Exim vulnerability

It was discovered that Exim incorrectly handled BDAT body parsing. A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code...

6AI score
Exploits0References1
OSV
OSV
added 2026/05/12 2:53 p.m.13 views

USN-8270-1 exim4 vulnerability

It was discovered that Exim incorrectly handled BDAT body parsing. A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS6.2AI score0.01225EPSS
Exploits2References2
Circl
Circl
added 2026/05/12 2:44 p.m.18 views

CVE-2026-45185

creationtimestamp| type| source ---|---|--- 2026-05-12 14:44:00+00:00| seen| https://thehackernews.com/2026/05/new-exim-bdat-vulnerability-exposes.html 2026-05-12 18:00:04+00:00| seen| https://t.me/GithubRedTeam/83976 2026-05-12 23:00:14+00:00| seen|...

9.8CVSS6AI score0.01225EPSS
Exploits2References38
Vulnrichment
Vulnrichment
added 2026/05/12 12:0 a.m.9 views

CVE-2026-45185

Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS closenotify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to...

9.8CVSS6.2AI score0.01225EPSS
Exploits2References7
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.13 views

PT-2026-40334

Name of the Vulnerable Software and Affected Versions Exim versions 4.97 through 4.99.2 Description A use-after-free issue exists in the BDAT body parsing path of Exim when compiled with GnuTLS. The flaw is triggered when a client sends a TLS close notify alert during a CHUNKING transfer before t...

10CVSS6.5AI score0.01225EPSS
Exploits2References123
Cvelist
Cvelist
added 2026/05/12 12:0 a.m.90 views

CVE-2026-45185

Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS closenotify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to...

9.8CVSS0.01225EPSS
Exploits2References7
UbuntuCve
UbuntuCve
added 2026/05/12 12:0 a.m.18 views

CVE-2026-45185

Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS closenotify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to...

9.8CVSS6.2AI score0.01225EPSS
Exploits2References5
ATTACKERKB
ATTACKERKB
added 2026/05/12 12:0 a.m.24 views

CVE-2026-45185

Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS closenotify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to...

9.8CVSS6.2AI score0.01225EPSS
Exploits2References8Affected Software1
Debian CVE
Debian CVE
added 2026/05/12 12:0 a.m.41 views

CVE-2026-45185

Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS closenotify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to...

9.8CVSS6.2AI score0.01225EPSS
Exploits2
Rows per page
Query Builder