CVE-2026-48840

CVSS 5.3 MEDIUM · EPSS 0.3% · CWE-839
In short

Exim mail server versions before 4.99.4 can leak uninitialized memory to clients in certain proxy setups when processing short payloads. This could expose sensitive data that was previously stored in the server's memory.

Technical detail

A memory disclosure vulnerability in Exim 4.88 through 4.99.3 occurs when specific proxy configurations process crafted short payloads, causing uninitialized stack memory to be returned to an unauthenticated client. Exploitation requires a susceptible proxy setup; the impact is information disclosure of potentially sensitive in-memory data.

Summary generated and translated by AI from the official description.
Exim 4.88 before 4.99.4, in some proxy configurations, mishandles certain short payloads, leading to disclosure of uninitialized stack memory values to a client.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected products
Exim · Exim