Critical Exim Vulnerabilities in Ubuntu Affecting Remote Code Execution
Severity: High (Score: 72.8)
Sources: Linuxsecurity, Ubuntu
Summary
Multiple critical vulnerabilities have been identified in Exim, the mail transport agent shipped in several Ubuntu releases. The affected releases are Ubuntu 22.04 LTS, 24.04 LTS, 25.10, and 26.04 LTS. The vulnerabilities involve improper handling of malformed JSON in message headers (CVE-2026-40685), processing of UTF-8 trailing characters (CVE-2026-40686), and handling of SPA authenticator input (CVE-2026-40687). These flaws could allow remote attackers to execute arbitrary code or obtain sensitive information.

The issues were published on April 30, 2026, and patches are available for affected systems. Users are advised to perform a standard system update to mitigate these vulnerabilities. Because the flaws are exploitable remotely, the potential impact is significant, and updating affected systems should be treated as a priority.

Key Points:
- Three critical vulnerabilities in Exim could lead to remote code execution.
- Affected Ubuntu versions include 22.04 LTS, 24.04 LTS, 25.10, and 26.04 LTS.
- Users are advised to update their systems immediately to mitigate risks.
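A post-update check, added here as an example and not part of the advisory: it scans the exim4 package changelog for the three CVE identifiers above so an administrator can confirm the installed package carries all of the fixes. The sample changelog is constructed for offline use; on a real host the text would come from `apt-get changelog exim4`.

```shell
#!/usr/bin/env sh
# Added example (not from the Ubuntu advisory): confirm that the exim4
# package changelog references every CVE named in the advisory.

EXIM_CVES="CVE-2026-40685 CVE-2026-40686 CVE-2026-40687"

# Read a changelog on stdin and print each advisory CVE it does NOT mention.
# Prints nothing when all three are covered.
missing_cves() {
    changelog=$(cat)
    for cve in $EXIM_CVES; do
        printf '%s\n' "$changelog" | grep -q "$cve" || printf '%s\n' "$cve"
    done
}

# Exit 0 when the changelog on stdin references all three CVEs, 1 otherwise.
changelog_covers_all() {
    [ -z "$(missing_cves)" ]
}

# Constructed sample changelog (placeholder version string, not a real
# Ubuntu entry): it references only two of the three CVEs, so the check
# should report CVE-2026-40687 as missing.
SAMPLE_CHANGELOG='exim4 (0.0-CONSTRUCTED-SAMPLE) noble-security; urgency=medium

  * SECURITY UPDATE: constructed sample entry for illustration only
    - CVE-2026-40685
    - CVE-2026-40686
'

# Live use on an Ubuntu host (needs network access for the changelog fetch):
#   apt-get changelog exim4 | changelog_covers_all && echo "all three CVEs listed"
#   apt-get changelog exim4 | missing_cves        # lists any CVE not yet covered
#   dpkg-query -W -f='${Package} ${Version}\n' 'exim4*'   # installed versions
```

If `missing_cves` prints any identifier after the update, the host is still running a package without that fix and should be re-checked after `apt update && apt upgrade`.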
Key Entities
- Zero-day Exploit (attack_type)
- CVE-2026-40685 (cve)
- CVE-2026-40686 (cve)
- CVE-2026-40687 (cve)
- CWE-200 - Exposure of Sensitive Information (cwe)
- Ubuntu (company)
- Ubuntu Pro (platform)