Browse all 14 CVE security advisories affecting Exim. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Exim serves as a widely deployed mail transfer agent for routing and delivering email across networks. Historically, it has been susceptible to remote code execution vulnerabilities, often through buffer overflows or improper input validation, along with cross-site scripting flaws and privilege escalation issues. The software's complex configuration and extensive feature set have contributed to security challenges, with 14 CVEs documented. Notable incidents include critical RCE vulnerabilities in versions 4.87 and 4.92, which allowed attackers to execute arbitrary code with root privileges. Despite these issues, Exim remains a core component in many email infrastructures due to its flexibility and robust routing capabilities.
This page lists every published CVE security advisory associated with Exim. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.