Critical Exim Vulnerabilities in Ubuntu Affecting Remote Code Execution

Critical Exim Vulnerabilities in Ubuntu Affecting Remote Code Execution

First seen 4 May 2026, 18:38 UTC UbuntuLinuxsecurityThehackernewswww.synacktiv.comHkcert+7 86% similarity 72.8

Article Content

Browse articles
ThreatCluster

Multiple critical vulnerabilities have been identified in Exim, a mail transport agent used in various Ubuntu releases. The affected versions include Ubuntu 22.04 LTS, 24.04 LTS, 25.10, and 26.04 LTS. The vulnerabilities include improper handling of malformed JSON in message headers (CVE-2026-40685), processing of UTF-8 trailing characters (CVE-2026-40686), and SPA authenticator input (CVE-2026-40687). These flaws could allow remote attackers to execute arbitrary code or obtain sensitive information. The issues were published on April 30, 2026, and patches are available for affected systems. Users are advised to perform a standard system update to mitigate these vulnerabilities. The potential impact is significant, as these vulnerabilities can be exploited remotely. The current status is that users should prioritize updating their systems to prevent exploitation.

Key Points: • Three critical vulnerabilities in Exim could lead to remote code execution. • Affected Ubuntu versions include 22.04 LTS, 24.04 LTS, 25.10, and 26.04 LTS. • Users are advised to update their systems immediately to mitigate risks.

ThreatCluster AI

Timeline

2026-04-30
CVE-2026-40685 published
2026-04-30
CVE-2026-40686 published
2026-04-30
CVE-2026-40687 published
2026-05-04
Ubuntu releases patch for Exim vulnerabilities

Community

Browse all →