
Exim Flaw Exposes Servers to Remote Code Execution


"[...] instead of continuing to attack glibc's allocator with off-the-shelf mechanisms, XBOW Native had taken on Exim's own allocator," XBOW researchers say.

CVE-2026-45185 and the Exim builds it hits

A critical flaw, tracked as CVE-2026-45185, affects Exim builds that are compiled against the GNU Transport Layer Security (GnuTLS) library and that advertise STARTTLS and CHUNKING. The vulnerability impacts Exim versions 4.97 through 4.99.2; OpenSSL-based builds of Exim are not affected. A remediation was published in Exim version 4.99.3.

How the bug can become remote code execution

The vulnerability is a use-after-free (UAF) error that is triggered during TLS shutdown while the server is handling BDAT chunked SMTP traffic. Exim frees a TLS transfer buffer but later continues using stale callback references; those callbacks can write into the freed memory region. If exploited, that memory corruption can lead to unauthenticated remote code execution (RCE).

Attackers who successfully exploit the flaw could execute commands on the affected server, access Exim data and email, and — depending on server permissions and configuration — potentially pivot further into the environment.

Discovery timeline and response

XBOW researcher Federico Kirschbaum discovered and reported the issue. XBOW reported the vulnerability to the Exim maintainers on May 1st and received an acknowledgment on May 5th; impacted Linux distributions were notified three days later. Exim released a fix in version 4.99.3.

XBOW's seven-day AI-assisted exploit challenge

XBOW describes the proof-of-concept (PoC) work as a seven-day contest between its autonomous, AI-driven development system (XBOW Native) and a human researcher assisted by a large language model (LLM). In that contest, XBOW Native produced a working exploit against a simplified Exim target that lacked Address Space Layout Randomization (ASLR) and used a non-PIE binary. The LLM-assisted human achieved an exploit on a machine with ASLR but still a non-PIE binary.

XBOW researchers noted that, unusually, XBOW Native shifted tactics and "had taken on Exim's own allocator" rather than relying on standard attacks on glibc's allocator. Despite these advances, XBOW says the human researcher won the race, while acknowledging that the LLM played a vital support role — assembling files and testing exploitation avenues.

On the human side, the researcher reflected on the limits observed during the exercise: “Honestly, I don't think LLMs alone are quite ready to write exploits against real-world software yet. After this experience, I think it can solve something CTF-shaped, but I don't see them reaching the level of real production targets just yet.” At the same time, the researcher credited AI tools with speeding up code understanding and directing attention to suspicious areas.

Mitigation for Ubuntu and Debian-based Linux administrators

XBOW and the Exim maintainers recommend applying the available Exim updates (version 4.99.3) through distribution package managers. The advisory specifies that users of Ubuntu- and Debian-based distributions should update via their package management systems to obtain the patched Exim release. Because only GnuTLS-linked builds are affected, administrators should confirm which TLS library their Exim build was compiled against, and whether the server actually advertises STARTTLS and CHUNKING, before treating a host as out of scope.
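The following triage script is an added example, not code from XBOW, the Exim project or the advisory. It performs the two checks described above: it reads the version and TLS library out of `exim -bV` output (Exim prints an "Exim version ..." line and a "Support for:" line that names either GnuTLS or OpenSSL), and it parses the keywords a server advertises in its EHLO reply. The version range 4.97 through 4.99.2 and the STARTTLS/CHUNKING preconditions are taken from the text; the function names, the `triage.invalid` EHLO name and the sample `exim -bV` and EHLO outputs are constructed for the example.

```python
"""Triage helper for CVE-2026-45185 (added example; not from XBOW or Exim).

Two checks an administrator needs before deciding a host is out of scope:
  1. Which TLS library the local Exim was built with, and its version,
     taken from `exim -bV` output.
  2. Whether the listening server advertises STARTTLS and CHUNKING in its
     EHLO response, the preconditions named in the advisory.
"""
import re
import smtplib
import subprocess

AFFECTED_MIN = (4, 97, 0)   # first affected release, per the advisory
AFFECTED_MAX = (4, 99, 2)   # last affected release; 4.99.3 carries the fix

# Constructed sample of `exim -bV` output for a GnuTLS-linked build.
SAMPLE_BV = (
    "Exim version 4.99.2 #3 built 01-May-2026 12:00:00\n"
    "Copyright (c) University of Cambridge, 1995 - 2018\n"
    "Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc GnuTLS "
    "TLS_resume move_frozen_messages Content_Scanning DANE DKIM DNSSEC\n"
    "Library version: GnuTLS: Compile: 3.8.0\n"
)

# Constructed sample of a multi-line 250 EHLO reply from an affected server.
SAMPLE_EHLO = (
    "250-mx.example.test Hello triage.invalid [192.0.2.10]\r\n"
    "250-SIZE 52428800\r\n"
    "250-8BITMIME\r\n"
    "250-PIPELINING\r\n"
    "250-CHUNKING\r\n"
    "250-STARTTLS\r\n"
    "250 HELP\r\n"
)


def parse_version(text: str) -> tuple:
    """'4.99.2' -> (4, 99, 2); '4.97' -> (4, 97, 0), so ranges compare cleanly."""
    parts = [int(p) for p in text.split(".")]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def parse_exim_bv(output: str) -> dict:
    """Extract the version string and TLS library name from `exim -bV` output."""
    m = re.search(r"Exim version (\d+(?:\.\d+)+)", output)
    version = m.group(1) if m else None
    support = re.search(r"^Support for:(.*)$", output, re.M)
    tokens = support.group(1).split() if support else []
    tls = "GnuTLS" if "GnuTLS" in tokens else "OpenSSL" if "OpenSSL" in tokens else None
    return {"version": version, "tls": tls}


def parse_ehlo(response: str) -> set:
    """Return the upper-cased keywords from a 250 EHLO reply.

    The first 250 line is the server greeting (hostname), not a feature, so
    it is skipped; every later line contributes its first word.
    """
    lines = [ln for ln in response.splitlines() if re.match(r"250[ -]", ln)]
    return {ln[4:].split()[0].upper() for ln in lines[1:] if ln[4:].strip()}


def assess(build: dict, features: set) -> tuple:
    """Combine the build facts and advertised features into a verdict."""
    if build["tls"] == "OpenSSL":
        return ("not affected", "OpenSSL-linked build")
    if build["version"] is None or build["tls"] is None:
        return ("unknown", "could not read version or TLS library from exim -bV")
    v = parse_version(build["version"])
    if not (AFFECTED_MIN <= v <= AFFECTED_MAX):
        return ("not affected", f"version {build['version']} is outside 4.97..4.99.2")
    if not {"STARTTLS", "CHUNKING"} <= features:
        return ("exposure reduced",
                "GnuTLS build in the affected range, but STARTTLS or CHUNKING "
                "is not advertised; update regardless")
    return ("affected", f"GnuTLS build {build['version']} advertises STARTTLS and CHUNKING")


def local_build() -> dict:
    """Run the local Exim binary (Debian installs it as exim4, with an exim symlink)."""
    for binary in ("exim", "exim4"):
        try:
            out = subprocess.run([binary, "-bV"], capture_output=True, text=True, check=True).stdout
            return parse_exim_bv(out)
        except (FileNotFoundError, subprocess.CalledProcessError):
            continue
    return {"version": None, "tls": None}


def probe_ehlo(host: str, port: int = 25) -> set:
    """Send EHLO to a live server and collect the advertised keywords."""
    with smtplib.SMTP(host, port, timeout=10) as s:
        s.ehlo("triage.invalid")
        return {k.upper() for k in s.esmtp_features}


if __name__ == "__main__":
    print("sample:", assess(parse_exim_bv(SAMPLE_BV), parse_ehlo(SAMPLE_EHLO)))
    print("this host:", assess(local_build(), probe_ehlo("localhost")))
```

Run it on the mail host itself so that the binary checked and the listener probed are the same Exim. Two caveats: distributions sometimes backport a fix without changing the upstream version string, so a version inside 4.97..4.99.2 should be cross-checked against the distribution's own advisory or the package changelog before it is declared vulnerable; and a server that does not advertise STARTTLS or CHUNKING today may start doing so after a configuration change, so the update should be applied either way.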

What this means for Ubuntu and Debian administrators, Exim maintainers, and adversaries

  • Ubuntu and Debian-based Linux distribution administrators: apply Exim v4.99.3 via package managers and verify whether deployed Exim builds were compiled with GnuTLS and advertise STARTTLS and CHUNKING.
  • Exim maintainers: the timeline shows rapid disclosure and patching; maintainers must continue to review TLS shutdown paths and interaction with BDAT chunking for similar UAF risks, and communicate patches to downstream distributions.
  • Adversaries and threat actors: the vulnerability offers an unauthenticated path to RCE on affected, GnuTLS-compiled Exim servers and therefore a high-value target for campaigns that seek mail access or lateral movement, depending on server privileges and configuration.

The immediate technical fix is straightforward: install Exim 4.99.3 from trusted package sources. The broader takeaway from XBOW's account is less tidy — AI tools and autonomous systems are already speeding parts of exploit development, but in this episode a human researcher, aided by an LLM, still proved decisive. For operators of mail infrastructure — particularly on Debian- and Ubuntu-based systems where Exim has historically been the default server — patching is the clear next step; the exploit-development contest underlines why speed matters in both discovery and remediation.
