ByteOS Network

CVE Vulnerability Details :

CVE-2026-45185

PUBLISHED

More Info Official Page

Assigner-mitre

Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At-12 May, 2026 | 00:00

Updated At-12 May, 2026 | 20:08

▼CVE Numbering Authority (CNA)

Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS close_notify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to heap corruption. An unauthenticated network attacker exploiting this vulnerability could execute arbitrary code.

Affected Products

Vendor

Exim

Product

Exim

Default Status

unaffected

Versions

Affected

From 4.97 before 4.99.3 (custom)

Problem Types

Type	CWE ID	Description
CWE	CWE-416	CWE-416 Use After Free

Type: CWE

CWE ID: CWE-416

Description: CWE-416 Use After Free

Metrics

Version	Base score	Base severity	Vector
3.1	9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Version: 3.1

Base score: 9.8

Base severity: CRITICAL

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

Hyperlink	Resource
https://exim.org	N/A
https://code.exim.org/exim/wiki/wiki/EximSecurity	N/A
https://exim.org/static/doc/security/CVE-2026-45185.txt	N/A
https://xbow.com/blog/dead-letter-cve-2026-45185-xbow-found-rce-exim	N/A
https://news.ycombinator.com/item?id=48111748	N/A
https://www.openwall.com/lists/oss-security/2026/05/12/4	N/A
https://exim.org/static/doc/security/EXIM-Security-2026-05-01.1/	N/A