Summary
A vulnerability rated "high" severity has been discovered in the Exim mail server. If exploited, it could allow arbitrary code execution, data manipulation and privilege escalation on the target servers.
Note: a Proof of Concept (PoC) for the exploitation of the vulnerability is available online.
Risk
Estimate of the impact of the vulnerability on the reference community: Critical (76.28) [1]
Type
- Remote Code Execution
- Data Manipulation
- Privilege Escalation
Affected products and/or versions
Exim 4.98.x, versions prior to 4.98.1
N.B. The listed products are vulnerable only when Exim is configured with SQLite support for its hints databases and ETRN serialization is enabled.
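A triage check for the three conditions listed above (version, SQLite hints database, ETRN serialization), added here as an example and not part of the advisory or of Exim itself. It assumes that `exim -bV` begins with an `Exim version X.Y` line and that `exim -bP smtp_etrn_serialize` prints the option name, prefixed with `no_` when the option is off; the `Hints DB:` heading used to locate the hints backend is an assumption to verify against your own build.

```shell
# Added triage helper for CVE-2025-26794 exposure (not part of the advisory or of Exim).
# It evaluates the advisory's three conditions on text captured from a host:
# `exim -bV` (version and build info) and `exim -bP smtp_etrn_serialize`
# (prints the option name, prefixed with "no_" when the option is off).

# Condition 1: version is 4.98 or 4.98.0, i.e. the 4.98 branch before 4.98.1.
exim_version_affected() {
  ver=$(printf '%s\n' "$1" | sed -n 's/^Exim version \([0-9][0-9.]*\).*/\1/p' | head -n 1)
  [ -n "$ver" ] || return 2            # no version line found: undetermined
  case "$ver" in
    4.98|4.98.0) return 0 ;;           # affected release
    *)           return 1 ;;           # 4.98.1 and later, or another branch
  esac
}

# Condition 2: hints databases use SQLite. ASSUMPTION: the build information lists
# the hints backend in indented lines under a "Hints DB:" heading; if your build
# prints it differently, check USE_SQLITE in Local/Makefile instead. The "Lookups"
# line is deliberately ignored: sqlite lookups are a different feature.
sqlite_hints_db() {
  printf '%s\n' "$1" |
    awk '/^Hints DB:/ { inblk = 1; next } !/^[[:space:]]/ { inblk = 0 } inblk' |
    grep -qi 'sqlite'
}

# Condition 3: ETRN serialization is on (Exim's default).
etrn_serialize_enabled() {
  case "$1" in
    no_smtp_etrn_serialize*) return 1 ;;
    smtp_etrn_serialize*)    return 0 ;;
    *)                       return 2 ;;   # unexpected output: undetermined
  esac
}

# All three conditions must hold for the host to match the advisory.
exim_exposed() {
  exim_version_affected "$1" && sqlite_hints_db "$1" && etrn_serialize_enabled "$2"
}

# Constructed sample inputs (not captured from any real host).
SAMPLE_BV='Exim version 4.98 #2 built 01-Jan-2025 00:00:00
Support for: crypteq iconv() IPv6 TLS_OpenSSL
Lookups (built-in): lsearch dbm sqlite
Hints DB:
  Using sqlite'
SAMPLE_BV_FIXED='Exim version 4.98.1 #1 built 01-Feb-2025 00:00:00
Hints DB:
  Using sqlite'

exim_exposed "$SAMPLE_BV" smtp_etrn_serialize && echo 'sample host matches all three conditions: update to 4.98.1' || echo 'sample host does not match the advisory conditions'
```

On a live host, replace the constructed samples with the real `exim -bV` and `exim -bP smtp_etrn_serialize` output; the helpers return 2 when the input does not have the expected shape, so a non-match should be checked by hand rather than treated as clean.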
Mitigation Actions
In line with the vendor's statements, it is recommended to update vulnerable products following the indications in the security bulletin listed in the References section.
References
https://exim.org/static/doc/security/CVE-2025-26794.txt
https://exim.org/download.html
[1] This estimate takes into account several parameters, including: the CVSS score, the availability of patches/workarounds and of a PoC, and the diffusion of the affected software/devices in the reference community.