CVE-2025-67896

CVSS 7.0 HIGH · EPSS 0.4% · CWE-122 (heap-based buffer overflow)
In short

Exim mail servers running a non-default rate-limit configuration can be crashed, and potentially made to execute attacker-controlled code, by a remote attacker. No credentials or user interaction are required, only network reachability of the mail server, although the CVSS vector rates attack complexity as high because the vulnerable code path depends on that configuration.

Technical detail

Exim before 4.99.1 contains a heap-based buffer overflow (CWE-122) that is reachable only when certain non-default rate-limit configurations are in use. The root cause is that records read from Exim's database are cast directly to internal structures without validating their length or contents, so a record that does not match the expected layout leads to memory corruption. A remote, unauthenticated attacker who can drive the affected code path can cause a denial of service and potentially achieve code execution. The fix is to upgrade to Exim 4.99.1 or later; until then, check whether your ACLs actually use the ratelimit condition, since a default configuration is not affected.
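To make the bug class concrete, here is an added illustration in C of the pattern the description names, a stored database record cast straight to an internal structure with its length field trusted, next to a loader that validates the record first. This is example code written for this page, not Exim's source: the record layout, the names rec_header, rec_entry, internal_rec and MAX_ENTRIES, and the functions load_unsafe, load_checked, make_record and check_record are all hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stored-record layout (NOT Exim's real format): a fixed
 * header followed by n_entries entries. The bytes come from a database
 * file whose contents an attacker may have been able to influence. */
#define REC_VERSION 1
#define MAX_ENTRIES 8

typedef struct { uint32_t version; uint32_t n_entries; } rec_header;
typedef struct { uint32_t key; uint32_t count; } rec_entry;

/* Internal structure the daemon works with: a fixed-size heap object. */
typedef struct { uint32_t n_entries; rec_entry entries[MAX_ENTRIES]; } internal_rec;

/* VULNERABLE pattern: the raw bytes are cast to the header type and the
 * count field is trusted. A record claiming n_entries > MAX_ENTRIES makes
 * memcpy write past the end of out->entries (a heap overflow when *out is
 * heap-allocated) and read past the end of the record. It is only ever
 * called on a well-formed record here; a malformed one would corrupt memory. */
static int load_unsafe(const unsigned char *data, size_t len, internal_rec *out)
{
    (void)len;                       /* the stored length is ignored: the bug */
    const rec_header *hdr = (const rec_header *)data;
    out->n_entries = hdr->n_entries;
    memcpy(out->entries, data + sizeof *hdr,
           (size_t)hdr->n_entries * sizeof(rec_entry));
    return 0;
}

/* HARDENED: check the stored length and every header field before any copy. */
static int load_checked(const unsigned char *data, size_t len, internal_rec *out)
{
    rec_header hdr;
    if (data == NULL || out == NULL || len < sizeof hdr)
        return -1;                   /* too short to contain a header */
    memcpy(&hdr, data, sizeof hdr);  /* copy out instead of an aliasing cast */
    if (hdr.version != REC_VERSION)
        return -1;                   /* unknown layout: refuse it */
    if (hdr.n_entries > MAX_ENTRIES)
        return -1;                   /* would overflow out->entries */
    if (len < sizeof hdr + (size_t)hdr.n_entries * sizeof(rec_entry))
        return -1;                   /* claims more entries than are stored */
    out->n_entries = hdr.n_entries;
    memcpy(out->entries, data + sizeof hdr,
           (size_t)hdr.n_entries * sizeof(rec_entry));
    return 0;
}

/* Build a constructed record whose header claims 'claimed' entries while
 * only 'stored' entries are actually present. Returns the byte length, 0 if
 * the record would not fit in buf. */
static size_t make_record(unsigned char *buf, size_t bufsz,
                          uint32_t claimed, uint32_t stored)
{
    size_t len = sizeof(rec_header) + (size_t)stored * sizeof(rec_entry);
    if (len > bufsz)
        return 0;
    rec_header hdr = { REC_VERSION, claimed };
    memcpy(buf, &hdr, sizeof hdr);
    for (uint32_t i = 0; i < stored; i++) {
        rec_entry e = { 100 + i, 10 * i };
        memcpy(buf + sizeof hdr + (size_t)i * sizeof e, &e, sizeof e);
    }
    return len;
}

/* Run the hardened loader on a constructed record; truncate_to > 0 cuts the
 * buffer down to that many bytes. Returns the entry count loaded, or -1. */
static int check_record(uint32_t claimed, uint32_t stored, size_t truncate_to)
{
    unsigned char buf[sizeof(rec_header) + MAX_ENTRIES * sizeof(rec_entry)];
    internal_rec out;
    size_t len = make_record(buf, sizeof buf, claimed, stored);
    if (truncate_to > 0 && truncate_to < len)
        len = truncate_to;
    if (load_checked(buf, len, &out) != 0)
        return -1;
    return (int)out.n_entries;
}

int main(void)
{
    unsigned char buf[sizeof(rec_header) + MAX_ENTRIES * sizeof(rec_entry)];
    internal_rec *out = malloc(sizeof *out);   /* heap object, as in the CWE */
    size_t len = make_record(buf, sizeof buf, 3, 3);
    if (out == NULL || len == 0)
        return 1;
    load_unsafe(buf, len, out);    /* safe here only because the record is honest */
    printf("well-formed record: unsafe loader saw %u entries, key[2]=%u\n",
           (unsigned)out->n_entries, (unsigned)out->entries[2].key);
    printf("well-formed (3/3):       checked -> %d\n", check_record(3, 3, 0));
    printf("claims 1000, stores 2:   checked -> %d\n", check_record(1000, 2, 0));
    printf("claims 5, stores 2:      checked -> %d\n", check_record(5, 2, 0));
    printf("truncated header:        checked -> %d\n", check_record(3, 3, 4));
    free(out);
    return 0;
}
```

The point of the comparison is that the record's own header is the attacker's input: load_unsafe lets a stored count decide how many bytes land in a fixed-size heap object, while load_checked bounds the count against the destination and against the number of bytes actually read before copying anything.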

Summary generated and translated by AI from the official description.
Official description: Exim before 4.99.1, with certain non-default rate-limit configurations, allows a remote heap-based buffer overflow because database records are cast directly to internal structures without validation.
CVSS v3.1 vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L (network attack vector, high attack complexity, no privileges or user interaction required, scope unchanged; confidentiality impact low, integrity impact high, availability impact low; base score 7.0)
Affected products
Exim (vendor) · Exim (product), versions before 4.99.1
