VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

Friends — sharing: Dead.Letter vulnerability in Exim (CVE-2026-45185)

Друзья, хочу поделиться находкой: уязвимость Dead.Letter в Exim (CVE-2026-45185)

From cybersecurity: Exim patched a critical BDAT vulnerability affecting GnuTLS builds.

• What happened: a use-after-free in BDAT parsing when a client sends TLS close_notify then a plaintext byte.
• Affected: Exim 4.97–4.99.2 compiled with USE_GNUTLS=yes.
• Reported by: XBOW (Federico Kirschbaum), disclosure 1 May 2026.
• Mitigation: upgrade to Exim 4.99.3 — no reliable mitigations available.

Why it matters: potential remote code execution on mail servers.

How will you handle Exim upgrades in your infrastructure?

#cybersecurity #exim #GnuTLS #infosec

Latest comments

No comments yet.