Topic RSS

Exim

More context

People are discussing a newly reported high-severity Exim vulnerability, CVE-2026-45185 (“Dead.Letter”), involving a UAF in the GnuTLS BDAT handler. The headline claims it enables unauthenticated remote code execution and that BDAT has produced at least two prior CVEs at CVSS 9.8.

Contextr/linuxadmin
Limited signal. This briefing is built from 1 source — treat the summary as preliminary, not a comprehensive newsroom report.

Also known as exim mail server·exim mta·exim internet mailer·exim 4·exim 4.98

Negative Sentiment
1 Sources · 1 signals
Last updated · next ~22:30
Key Takeaway Exim’s GnuTLS BDAT handler is reported to have a CVSS 9.8 UAF that could allow unauthenticated RCE via CVE-2026-45185.
AI summary · grounded in cited sources
Sourcesr/linuxadmin
Exim security advisory CVE-2026-45185 Dead.Letter unauthenticated RCE exim mail server exim mta
Negative 12/100
Themes
CVE-2026-45185 Dead.Letterunauthenticated RCE
+1 adjacent themes
Exim security advisory
AI Brief

Exim’s GnuTLS BDAT handler is reported to have a CVSS 9.8 UAF that could allow unauthenticated RCE via CVE-2026-45185.

People are discussing a newly reported high-severity Exim vulnerability, CVE-2026-45185 (“Dead.Letter”), involving a UAF in the GnuTLS BDAT handler. The headline claims it enables unauthenticated remote code execution and that BDAT has produced at least two prior CVEs at CVSS 9.8.

Trending Activity
Trend score · left axis Sentiment score · right axis

Why It Matters AI synthesis from the source mix · grounded in cited evidence

  • Unauthenticated RCE — Exim CVE-2026-45185 "Dead.Letter" — CVSS 9.8 UAF via GnuTLS/BDAT, unauthenticated RCE. The BDAT handler has now been the source of two 9.8 C r/linuxadmin

Briefing Findings · Exim’s GnuTLS BDAT handler is reported

Story-specific findings extracted from this briefing's coverage. Fast Facts in the sidebar holds the canonical reference data (CEO, founded, ticker).

CVE CVE-2026-45185
CVSS 9.8
Vector/component GnuTLS BDAT handler

What to Watch

  • Follow updates from the Exim security advisory channels for a patch or mitigation tied to CVE-2026-45185. r/linuxadmin
  • Check whether Exim/maintainers report additional details on BDAT-related vulnerabilities matching the “two 9.8 CVEs” claim. r/linuxadmin

What Changed

  • Exim CVE-2026-45185 "Dead.Letter" — CVSS 9.8 UAF via GnuTLS/BDAT, unauthenticated RCE. The BDAT handler has now been the source of two 9.8 CVEs. r/linuxadmin
Source-backed brief · brief is source backed Show all sources
Share & embed Quotables, social share, embed snippet

Share

Twitter Reddit

Embed widget

<script src="https://ttek2.com/embed/pulse/exim" async></script>