Exim
Coverage of Exim in the Nexus archive.
- New critical Exim mailer flaw allows remote code execution
A critical vulnerability in Exim mail transfer agent allows remote code execution by unauthenticated attackers. This flaw affects certain configurations of the open-source mail transfer agent. Exploitation can lead to arbitrary code execution.
- Dead.letter (CVE-2026-45185) Humans vs. LLM for Unauthenticated RCE Race on Exim
A vulnerability known as Dead-letter (CVE-2026-45185) has been discovered, relating to an Unauthenticated RCE race on Exim, with discussions on xbow.com and news.ycombinator.com. The issue pertains to a competition between humans and Large Language Models (LLM). Currently, there are no comments on the topic.
- New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution
Exim has released security updates to address a severe security issue affecting certain configurations that could enable memory corruption and potential code execution. The vulnerability, tracked as CVE-2026-45185, aka Dead.Letter, is a use-after-free issue. Exim is an open-source Mail Transfer Agent designed for Unix-like systems.