2186 matches found
CVE-2026-45185
Exim (MTA) vulnerability CVE-2026-45185 is a use-after-free in the BDAT body parsing when using GnuTLS. Triggered by a TLS close_notify mid-body during a CHUNKING transfer followed by a final cleartext byte on the same TCP connection, it can cause heap corruption and potential arbitrary code exec...
CVE-2026-45185
Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS closenotify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to...
[SECURITY] Fedora 42 Update: exim-4.99.2-1.fc42
Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...
[SECURITY] Fedora 43 Update: exim-4.99.2-1.fc43
Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...
[SECURITY] Fedora 44 Update: exim-4.99.2-1.fc44
Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...
Fedora 44 : exim (2026-7f7b8d957f)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-7f7b8d957f advisory. This is new version of exim fixing some security bugs. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...
Fedora 42 : exim (2026-fff37fe569)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-fff37fe569 advisory. This is new version of exim fixing some security bugs. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...
Fedora 43 : exim (2026-c23e1d19d2)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-c23e1d19d2 advisory. This is new version of exim fixing some security bugs. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...
CLSA-2026-1778297730 exim: Fix of 2 CVEs
CVE-2026-40685: dewrap OOB read/write on trailing backslash in JSON header - CVE-2026-40687: SPA authenticator OOB read/write and base64 decode infoleak - Refresh Exim-Maintainers-Keyring.asc to verify the 4.99.x release tarball signature...
CLSA-2026-1778147777 exim: Fix of CVE-2026-40685
CVE-2026-40685: fix OOB heap write in dewrap during JSON expansion...
exim: Fix of CVE-2026-40685
CVE-2026-40685: fix OOB heap write in dewrap during JSON expansion...
📄 Exim 4.91 Remote Command Execution
Exim versions 4.87 through 4.91 improper recipient-address validation remote command execution exploit. Spawns a netcat shell on port 31415 as root, then connects to it Vulnerablity is within Exim 4.87-4.91 import subprocess import socket import os import time from subprocess import Popen, PIPE...
CLSA-2026-1778173472 exim: Fix of 2 CVEs
CVE-2026-40685: fix heap corruption when expanding malformed JSON - CVE-2026-40687: fix heap buffer overflow and infoleak in SPA authenticator...
Exploit for OS Command Injection in Exim
No d...
CLSA-2026-1778024757 exim: Fix of CVE-2026-40687
CVE-2026-40687: fix uninitialized buffer and out-of-bounds writes in SPA authenticator...
exim: Fix of CVE-2026-40687
CVE-2026-40687: fix uninitialized buffer and out-of-bounds writes in SPA authenticator...
CVE-2026-40685
A flaw was found in Exim. When JSON lookup is enabled, a remote attacker can send specially crafted malformed JSON in an untrusted header, leading to an out-of-bounds heap write. This issue, caused by an incorrect implementation of backslash skipping, can result in a denial of service...
CVE-2026-40687
A flaw was found in Exim. When the Secure Password Authentication SPA driver processes input from a malicious SPA resource, it can lead to an out-of-bounds write, causing the connection to crash and resulting in a Denial of Service DoS. This vulnerability also allows for the disclosure of sensiti...
CVE-2026-40684
A flaw was found in Exim, specifically on systems utilizing musl libc. A remote attacker can exploit this vulnerability by providing malformed DNS data within PTR records. This can lead to the mail transfer agent MTA connection instance crashing, resulting in a Denial of Service DoS for affected...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Exim vulnerabilities (USN-8228-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8228-1 advisory. It was discovered that Exim incorrectly handled parsing malformed JSON in message headers. A remote attacker could possib...