Medium severity5.9NVD Advisory· Published Apr 30, 2026· Updated May 1, 2026

CVE-2026-40684

Description

In Exim before 4.99.2, on systems using musl libc (not glibc), an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dn_expand oddity in octal printing.

Affected products

Exim/Exim
cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*
Range: <4.99.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

code.exim.org/exim/exim/commit/628bbaca7672748d941a12e7cd5f0122a4e18c81nvdPatch
exim.org/static/doc/security/cve-2026-04.1/CVE2026-40684.assessmentnvdVendor Advisory
www.openwall.com/lists/oss-security/2026/04/30/21nvdMailing ListThird Party Advisory
exim.org/static/doc/security/CVE-2026-40684.txtnvdBroken Link
www.openwall.com/lists/oss-security/2026/05/01/11nvd

News mentions

⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More
The Hacker News · May 4, 2026

cvss	0.384
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000