CVE-2026-48840

Published: Mag 30, 2026 Last Modified: Mag 30, 2026
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 5,3
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: low
Integrity: none
Availability: none

Description

AI Translation Available

Exim 4.88 before 4.99.4, in some proxy configurations, mishandles certain short payloads, leading to disclosure of uninitialized stack memory values to a client.

839

Numeric Range Comparison Without Minimum Check

Incomplete
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Integrity Confidentiality Availability
Potential Impacts:
Modify Application Data Execute Unauthorized Code Or Commands Dos: Resource Consumption (Other) Modify Memory Read Memory
Applicable Platforms
Languages: C, C++
View CWE Details
http://www.openwall.com/lists/oss-security/2026/05/29/3
http://www.openwall.com/lists/oss-security/2026/05/29/3
https://exim.org/static/doc/security/EXIM-Security-2026-05-…
https://exim.org/static/doc/security/EXIM-Security-2026-05-19.1
https://www.openwall.com/lists/oss-security/2026/05/29/3
https://www.openwall.com/lists/oss-security/2026/05/29/3