CVE-2026-40684_CVE-2026-40684

5.9 / 10

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Description

In Exim before 4.99.2, on systems using musl libc (not glibc), an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dn_expand oddity in octal printing.

Basic Information

ID CVE-2026-40684

Source mitre

Published Apr 30, 2026 at 00:00

Modified Apr 30, 2026 at 21:23

Affected Product

Vendor Exim

Product Exim

Affected Versions Exim Exim 0

CWE Classification

CWE-684

References

{
    "lastseen": "",
    "description": "In Exim before 4.99.2, on systems using musl libc (not glibc), an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dn_expand oddity in octal printing.",
    "published": "2026-04-30T00:00:00.000Z",
    "modified": "2026-04-30T21:23:47.370Z",
    "type": "cve",
    "title": "CVE-2026-40684",
    "source": "mitre",
    "references": "https://exim.org/static/doc/security/CVE-2025-40684.txt\nhttps://www.openwall.com/lists/oss-security/2026/04/30/21\nhttps://exim.org/static/doc/security/cve-2026-04.1/CVE2026-40684.assessment\nhttps://code.exim.org/exim/exim/commit/628bbaca7672748d941a12e7cd5f0122a4e18c81",
    "id": "CVE-2026-40684",
    "bulletinFamily": "",
    "cwe": [
        "CWE-684"
    ],
    "cvelist": null,
    "sourceData": "Exim Exim 0",
    "sourceHref": "",
    "cvss": {
        "score": 5.9,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Exim",
    "version": "0",
    "vendor": "Exim",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}