VYPR
Low severity3.7NVD Advisory· Published Apr 30, 2026· Updated May 1, 2026

CVE-2026-40686

CVE-2026-40686

Description

In Exim before 4.99.2, when utf8 operators are enabled, there is an out-of-bounds read if large UTF-8 trailing characters are present (malformed UTF-8 header data). Information might be divulged within an error message produced during handling of an unrelated e-mail message.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Exim/Exim2 versions
    cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*range: <4.99.2
    • (no CPE)range: <4.99.2

Patches

Vulnerability mechanics

References

4

News mentions

1