In Exim before 4.99.2, when utf8 operators are enabled, there is an out-of-bounds read if large UTF-8 trailing characters are present (malformed UTF-8 header data). Information might be divulged within an error message produced during handling of an unrelated e-mail message.
https://nvd.nist.gov/vuln/detail/CVE-2026-40686
Exim CVE-2026-40686
-
Starburst-David
- Posts: 53
- Joined: Wed Feb 11, 2026 8:31 pm