UBUNTU-CVE-2026-45185
Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS close_notify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to...
Exploit for CVE-2026-45185
CVE-2026-45185 — "Dead.Letter" Exim Vulnerability Scanner A s...
New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution
Exim has released security updates to address a severe security issue affecting certain configurations that could enable memory corruption and potential code execution. Exim is an open-source Mail Transfer Agent (MTA) designed for Unix-like systems to receive, route, and deliver email. The...
CVE-2026-45185
Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS close_notify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to...
CVE-2026-45185
Exim (MTA) vulnerability CVE-2026-45185 is a use-after-free in the BDAT body parsing when using GnuTLS. Triggered by a TLS close_notify mid-body during a CHUNKING transfer followed by a final cleartext byte on the same TCP connection, it can cause heap corruption and potential arbitrary code exec...
Unity Linux 20.1060e / 20.1070e Security Update: gnutls (UTSA-2026-017626)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017626 advisory. A flaw was found in gnutls. A use after free issue in client sending keyshare extension may lead to memory corruption and other consequences. Tenable has extracted t...
Unity Linux 20.1060e / 20.1070e Security Update: gnutls (UTSA-2026-017621)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017621 advisory. A flaw was found in gnutls. A use after free issue in clientsendparams in lib/ext/presharedkey.c may lead to memory corruption and other potential consequences...
OESA-2026-2221 gnutls security update
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, and other...
Gnutls: gnutls: denial of service via heap buffer overflow in dtls handshake fragment reassembly
...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: gnutls (UTSA-2026-017345)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017345 advisory. A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted...
CVE-2026-42225
A flaw was found in PJSIP. On GnuTLS builds, the SIP TLS transport siptransporttls can accept connections with invalid or untrusted certificates even when the application explicitly enables certificate verification via verifyserver = PJTRUE or verifyclient = PJTRUE...
[SECURITY] Fedora 44 Update: gnutls-3.8.13-1.fc44
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and...
CLSA-2026-1778240890 gnutls: Fix of CVE-2026-33845
CVE-2026-33845: fix DTLS handshake parsing integer underflow leading to OOB read...
CLSA-2026-1778239503 gnutls: Fix of CVE-2026-33845
CVE-2026-33845: fix DTLS handshake parsing integer underflow leading to OOB read...
CLSA-2026-1778238329 gnutls: Fix of CVE-2026-33845
CVE-2026-33845: fix DTLS handshake parsing integer underflow leading to OOB read...
Fedora 44 : gnutls (2026-668d2793e8)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-668d2793e8 advisory. Update to 3.8.13, fixes, like 13 CVEs. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...
CVE-2026-42225
PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport siptransporttls can accept connections with invalid or untrusted certificates even when the application explicitly enables certificate verification via...