Exim BDAT use-after-free in GnuTLS builds security flaw (CVE-2026-45185)

Vulnerability
H score 24
2 unique sources, 2 articles

Summary

Exim has shipped a fix for CVE-2026-45185, a BDAT use-after-free that can cause heap corruption and potential code execution on affected mail servers. The flaw impacts Exim 4.97 through 4.99.2 builds using USE_GNUTLS=yes, while OpenSSL-based builds are not affected. The issue is fixed in 4.99.3, and users are advised to upgrade immediately.

Timeline

  1. 12.05.2026 19:44 · 1 article

    XBOW reports CVE-2026-45185 in Exim BDAT parsing

    Attribution Update

    Federico Kirschbaum of XBOW reports CVE-2026-45185, a use-after-free in Exim's BDAT message body parsing on GnuTLS-backed TLS connections that can corrupt heap memory and potentially lead to code execution.

  2. 12.05.2026 19:44 · 1 article

    Exim publishes security updates for CVE-2026-45185

    Initial Disclosure

    Exim releases security updates for CVE-2026-45185, describing a BDAT use-after-free triggered when a TLS close_notify arrives before transfer completion and a final cleartext byte follows on the same TCP connection.

  3. 12.05.2026 19:44 · 2 articles

    Exim fixes CVE-2026-45185 in 4.99.3

    Mitigation Patch Update

    Exim addresses the issue in version 4.99.3 by resetting the input processing stack when a TLS close notification is received during an active BDAT transfer, preventing stale pointers from being used; users of affected USE_GNUTLS=yes builds are advised to upgrade because no mitigation fully resolves the vulnerability.

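A triage check for the affected range given in the summary, as an added example that is not from Exim or the reporting sources: it classifies the text of `exim -bV` by version and TLS library. The sample outputs are constructed, and reading the TLS library from a `GnuTLS` token on the `Support for:` line is an assumption about the output format.

```python
import re

# Range and fix release as stated on this page: 4.97 through 4.99.2 affected,
# 4.99.3 fixed, only builds compiled with USE_GNUTLS=yes.
FIRST_AFFECTED = (4, 97, 0)
FIXED = (4, 99, 3)

def parse_bv(text):
    """Extract (version_tuple, uses_gnutls) from `exim -bV` output.

    uses_gnutls is None when no "Support for:" line is present.
    Assumption: GnuTLS builds list the token "GnuTLS" on that line.
    """
    m = re.search(r"^Exim version (\d+)\.(\d+)(?:\.(\d+))?", text, re.M)
    if not m:
        raise ValueError("no 'Exim version' line in input")
    version = tuple(int(g or 0) for g in m.groups())
    support = re.search(r"^Support for:(.*)$", text, re.M)
    uses_gnutls = "GnuTLS" in support.group(1).split() if support else None
    return version, uses_gnutls

def assess(text):
    """Classify a build against the CVE-2026-45185 affected range."""
    version, uses_gnutls = parse_bv(text)
    if version >= FIXED:
        return "FIXED"
    if version < FIRST_AFFECTED:
        return "BELOW_AFFECTED_RANGE"
    if uses_gnutls is None:
        return "IN_RANGE_TLS_UNKNOWN"   # treat as affected until confirmed
    # Distro packages may backport the fix without changing this version
    # string, so AFFECTED here means "check the package changelog".
    return "AFFECTED" if uses_gnutls else "IN_RANGE_NOT_GNUTLS"

# Constructed sample outputs (not captured from real hosts).
SAMPLES = {
    "gnutls-4.98": "Exim version 4.98 #2 built 01-Jan-2026 00:00:00\n"
                   "Support for: crypteq IPv6 GnuTLS DKIM DNSSEC\n",
    "openssl-4.99.1": "Exim version 4.99.1 #1 built 01-Jan-2026 00:00:00\n"
                      "Support for: crypteq IPv6 OpenSSL DKIM\n",
    "gnutls-4.99.3": "Exim version 4.99.3 #1 built 01-Jan-2026 00:00:00\n"
                     "Support for: crypteq IPv6 GnuTLS DKIM\n",
}

if __name__ == "__main__":
    for name, out in SAMPLES.items():
        print(name, assess(out))
```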