Exim

2 CVEs product

CVE-2025-30232 HIGH PATCH This Week

A use-after-free in Exim 4.96 through 4.98.1 could allow users (with command-line access) to escalate privileges. Rated high severity (CVSS 8.1), this vulnerability requires no authentication. No vendor patch available.

Use After Free, Memory Corruption, Privilege Escalation, Exim, Suse
NVD
CVSS 3.1: 8.1
EPSS: 0.0%

CVE-2025-26794 HIGH PATCH Act Now

Exim mail server version 4.98 before 4.98.1 contains a remote SQL injection vulnerability when SQLite hints and ETRN serialization features are enabled. The vulnerability allows remote attackers to inject SQL through crafted SMTP commands, potentially compromising the mail server's configuration and queued messages.

SQLi, Exim, Redhat, Suse
NVD, GitHub
CVSS 3.1: 7.5
EPSS: 72.1%