CVE-2026-40684

high

Description

In Exim before 4.99.2, on systems using musl libc (not glibc), an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dn_expand oddity in octal printing.

References

https://www.openwall.com/lists/oss-security/2026/04/30/21

https://seclists.org/oss-sec/2026/q2/306

https://exim.org/static/doc/security/cve-2026-04.1/CVE2026-40684.assessment

https://exim.org/static/doc/security/CVE-2026-40684.txt

https://code.exim.org/exim/exim/commit/628bbaca7672748d941a12e7cd5f0122a4e18c81

http://www.openwall.com/lists/oss-security/2026/05/01/11

Details

Source: Mitre, NVD

Published: 2026-04-30

Updated: 2026-05-01

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H