A corrective release of the Exim mail server, version 4.99.2, has been published, addressing four identified vulnerabilities:
- CVE-2026-40685 – A read/write buffer overflow that occurs when processing JSON data in an email header.
- CVE-2026-40686 – An out-of-bounds buffer read when handling specially formatted UTF-8 characters at the end of headers; the flaw can leak memory contents into error messages.
- CVE-2026-40687 – A read/write buffer overflow present in configurations that use the SPA (Simple Password Authentication) authentication driver; it can be triggered by an attacker when Exim connects to an SPA/NTLM server under the attacker's control.
- CVE-2026-40684 – A process crash when processing specially crafted data in DNS PTR records; this vulnerability is present only on systems using musl libc.
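The following exposure check is an added example, not code from the Exim project or from the original announcement. It assumes that versions older than 4.99.2 carry the four flaws, that the first line of `exim -bV` starts with `Exim version X.Y.Z`, that `exim -bP configure_file` prints the active configuration path, and it uses the presence of `/lib/ld-musl-*.so.1` as a heuristic for a musl-based system.

```shell
#!/bin/sh
# Exposure check for the Exim 4.99.2 fixes (added example, not Exim's own tooling).
FIXED_VERSION=4.99.2

# Print "major minor patch" for a dotted version, padding missing parts with 0.
version_tuple() {
    oldifs=$IFS; IFS=.
    set -- $1
    IFS=$oldifs
    echo "${1:-0} ${2:-0} ${3:-0}"
}

# Return 0 (true) when the given Exim version is older than FIXED_VERSION.
exim_version_is_vulnerable() {
    set -- $(version_tuple "$1") $(version_tuple "$FIXED_VERSION")
    [ "$1" -lt "$4" ] && return 0
    [ "$1" -gt "$4" ] && return 1
    [ "$2" -lt "$5" ] && return 0
    [ "$2" -gt "$5" ] && return 1
    [ "$3" -lt "$6" ]
}

# Extract the version number from the first line of 'exim -bV' output (assumed format).
parse_exim_version() {
    printf '%s\n' "$1" | sed -n 's/^Exim version \([0-9][0-9.]*\).*/\1/p'
}

# Return 0 when the configuration file enables an authenticator with 'driver = spa'
# (the only configurations affected by CVE-2026-40687).
config_uses_spa() {
    grep -Eqi '^[[:space:]]*driver[[:space:]]*=[[:space:]]*spa[[:space:]]*$' "$1"
}

# Heuristic: musl installs its dynamic loader as /lib/ld-musl-<arch>.so.1 (assumption).
system_uses_musl() {
    ls /lib/ld-musl-*.so.1 >/dev/null 2>&1
}

# Report on the local installation, if Exim is present.
if command -v exim >/dev/null 2>&1; then
    ver=$(parse_exim_version "$(exim -bV 2>/dev/null | head -n 1)")
    cfg=$(exim -bP configure_file 2>/dev/null | sed 's/^configure_file = //')
    if exim_version_is_vulnerable "$ver"; then
        echo "Exim $ver is older than $FIXED_VERSION: update to pick up the four fixes"
        [ -n "$cfg" ] && config_uses_spa "$cfg" && echo "SPA driver enabled in $cfg: exposed to CVE-2026-40687"
        system_uses_musl && echo "musl libc detected: exposed to CVE-2026-40684"
    else
        echo "Exim $ver already includes the 4.99.2 fixes"
    fi
fi
```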