On April 30, 2026, the CERT‑FR issued a notice about several vulnerabilities in the Exim mail transfer agent. Versions of Exim earlier than 4.99.2 are affected. The flaws can allow attackers to cause a remote denial‑of‑service, compromise the confidentiality of data, and exploit an unspecified security issue. The notice references four CVEs—CVE‑2026‑40684, CVE‑2026‑40685, CVE‑2026‑40686, CVE‑2026‑40687—and directs users to the Exim security bulletin (cve-2026-04.1) for patch information. System administrators should review the vendor’s bulletin and apply the recommended updates promptly to mitigate these risks for compliance and security.
Summary of content from
Made by AI. If you spot anything of concern write us at contact@cybach.com. We’ll promptly correct irregularities.