Exim <4.99.2 SPA Auth OOB Write & Data Leak
CVE-2026-40687 Published on April 30, 2026

In Exim before 4.99.2, when the SPA authentication driver is used with an adversarial SPA resource, there can be an out-of-bounds write that crashes the connection instance, or erroneous data processing that divulges data from uninitialized heap memory.

NVD

Vulnerability Analysis

CVE-2026-40687 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity, and a small impact on availability.

Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: NONE
Availability Impact: LOW

Weakness Type

Missing Initialization of Resource

The software does not initialize a critical resource. Many resources require initialization before they can be properly used. If a resource is not initialized, it could contain unpredictable or expired data, or it could be initialized to defaults that are invalid. This can have security implications when the resource is expected to have certain properties or values.


Products Associated with CVE-2026-40687


Affected Versions

Exim: