Tag: cve 2026 45185

2 articles

Exim Flaw Exposes Servers to Remote Code Execution

A critical flaw in Exim, tracked as CVE-2026-45185, leaves servers running specific builds vulnerable to remote code execution; a remediation was published in Exim version 4.99.3. The vulnerability is triggered during TLS shutdown while handling certain SMTP traffic.

Analyst 207

Exim BDAT Flaw Exposes GnuTLS Builds to Code Execution Risk

A newly discovered vulnerability, dubbed Dead.Letter, threatens Exim builds that use GnuTLS: a use-after-free flaw in BDAT handling that attackers could exploit to potentially execute malicious code. The flaw can be triggered when a specific sequence of BDAT and TLS commands is sent, leading to heap corruption and a heightened risk of code execution.

Analyst 207