A critical remote code execution (RCE) vulnerability, identified as CVE-2026-45185, has been discovered in the Exim mail transfer agent (MTA). This user-after-free (UAF) flaw occurs during TLS shutdown while handling BDAT chunked SMTP traffic and specifically impacts Exim versions 4.97 through 4.99.2 compiled with the GnuTLS library. Builds using OpenSSL are reportedly unaffected.
Researchers at XBOW disclosed the flaw, noting that while human researchers still hold an edge in complex environments, AI tools like XBOW Native and LLMs significantly accelerated the exploit development process. Security teams are urged to update to Exim version 4.99.3 immediately, as the vulnerability could allow unauthenticated attackers to execute commands, access emails, and pivot within sensitive server environments.
Top comments (0)