CVE-2026-45185
- Critical Exim flaw can let remote attackers run code on affected servers
A critical Exim flaw fixed in version 4.99.3 could let unauthenticated attackers execute code on affected mail servers. The bug affects some GnuTLS-based builds before 4.99.3 and is triggered during TLS shutdown with chunked SMTP traffic.
- Exim patches BDAT flaw that could lead to code execution
Exim has patched CVE-2026-45185, a use-after-free flaw in BDAT parsing that could lead to memory corruption and possible code execution in affected GnuTLS-based builds. Version 4.99.3 fixes the issue.


