2188 matches found
The vulnerability was exploited in Exim.
The developers of Exim introduced a vulnerability in the Exim Mail Transfer Agent versions prior to 4.99.3. This vulnerability involves a use-after-free in the BDAT body parsing process, specifically when certain GnuTLS backend configurations are used. An unauthorized attacker can exploit this...
CLSA-2026-1778690918 exim: Fix of CVE-2026-40686
CVE-2026-40686: out-of-bounds read in the GETUTF8INC macro in src/expand.c when processing malformed UTF-8 in expansion operators with utf8 enabled, potentially disclosing heap data via SMTP rejection messages...
SUSE CVE-2026-45185
Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS closenotify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to...
CVE-2026-45185
A flaw was found in Exim. An unauthenticated remote attacker could exploit a use-after-free vulnerability in the BDAT body parsing path when a client sends a TLS closenotify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to heap...
Exim 4.99.2 Memory Corruption
A remotely reachable memory corruption issue was discovered in Exim's GnuTLS backend. The vulnerability is triggered during BDAT message body handling when a client sends a TLS closenotify alert before the body transfer is complete, and then follows up with a final byte in cleartext on the same T...
The vulnerability of the ungetc() function in the BDAT/CHUNKING component of the email server Exim, which allows a hacker to execute arbitrary code.
The vulnerability of the ungetc function in the BDAT/CHUNKING component of the email server Exim relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
EUVD-2026-29824
Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS closenotify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to...
CVE-2026-45185
Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS closenotify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to...
UBUNTU-CVE-2026-45185
Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS closenotify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to...
Exploit for CVE-2026-45185
CVE-2026-45185 — "Dead.Letter" Exim Vulnerability Scanner A s...
New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution
Exim has released security updates to address a severe security issue affecting certain configurations that could enable memory corruption and potential code execution. Exim is an open-source Mail Transfer Agent MTA designed for Unix-like systems to receive, route, and deliver email. The...
USN-8270-1: Exim vulnerability
It was discovered that Exim incorrectly handled BDAT body parsing. A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-8270-1 exim4 vulnerability
It was discovered that Exim incorrectly handled BDAT body parsing. A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code...
CVE-2026-45185
creationtimestamp| type| source ---|---|--- 2026-05-12 14:44:00+00:00| seen| https://thehackernews.com/2026/05/new-exim-bdat-vulnerability-exposes.html 2026-05-12 18:00:04+00:00| seen| https://t.me/GithubRedTeam/83976 2026-05-12 23:00:14+00:00| seen|...
CVE-2026-45185
Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS closenotify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to...
PT-2026-40334
Name of the Vulnerable Software and Affected Versions Exim versions 4.97 through 4.99.2 Description A use-after-free issue exists in the BDAT body parsing path of Exim when compiled with GnuTLS. The flaw is triggered when a client sends a TLS close notify alert during a CHUNKING transfer before t...
CVE-2026-45185
Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS closenotify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to...
CVE-2026-45185
Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS closenotify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to...
CVE-2026-45185
Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS closenotify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to...
CVE-2026-45185
Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS closenotify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to...