Use-After-Free Vulnerability in Exim Due to GnuTLS Configuration
CVE-2026-45185

9.8CRITICAL

Key Information:

Vendor

Exim

Status
Exim
Vendor
CVE Published:
12 May 2026

Badges

πŸ”₯ Trending nowπŸ“ˆ TrendedπŸ“ˆ Score: 1,940πŸ‘Ύ Exploit ExistsπŸ“° News Worthy

What is CVE-2026-45185?

CVE-2026-45185 is a significant vulnerability affecting Exim, a widely used open-source mail transfer agent (MTA) primarily utilized for sending and receiving email on Unix-like operating systems. The vulnerability occurs due to improper handling of a specific GnuTLS configuration, leading to a use-after-free condition in the BDAT body parsing path. This flaw is triggered when a client unexpectedly sends a TLS close_notify signal mid-transfer during a CHUNKING process, followed by a cleartext byte on the same TCP connection. When exploited, this vulnerability could result in heap corruption, potentially allowing an unauthenticated remote attacker to execute arbitrary code on the affected server. Given Exim's prevalence in email handling, the implications of this vulnerability could be severe, compromising the confidentiality and integrity of email communications and server stability.

Potential impact of CVE-2026-45185

  1. Arbitrary Code Execution: The primary risk associated with CVE-2026-45185 is the potential for arbitrary code execution by an unauthenticated attacker. This could allow malicious actors to gain control over the affected server, enabling them to deploy malware, manipulate data, or launch further attacks.

  2. Service Disruption and Downtime: Exploitation of this vulnerability could lead to instability within the Exim service, resulting in significant downtime. This disruption would not only affect email delivery but could also have downstream impacts on business operations and communication.

  3. Data Integrity Risks: With the possibility of an attacker executing code, there are substantial risks concerning data integrity. Unauthorized modifications to email messages or server configurations could lead to data loss, data breaches, or the spread of misinformation, thus undermining the trustworthiness of the email system.

Affected Version(s)

Exim 4.97 < 4.99.3

News Articles

favicon imageBiztoc

What is Exim CVE-2026-45185 risk?

Exim CVE 2026 45185: unauthenticated RCE is the core threat The high signal takeaway around CVE 2026 45185 is that it enables unauthenticated remote code execution (RCE) in Exim…

10 hours ago

References

https://exim.org
https://code.exim.org/exim/wiki/wiki/EximSecurity
https://exim.org/static/doc/security/CVE-2026-45185.txt

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • πŸ“ˆ

    Vulnerability started trending

  • πŸ‘Ύ

    Exploit known to exist

  • πŸ“°

    First article discovered by Biztoc

  • Vulnerability published

  • Vulnerability Reserved

.