CVE-2026-40684
Published: Thu, 30 Apr 2026 22:16
Summary
In Exim before 4.99.2, on systems using musl libc (not glibc), an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dn_expand oddity in
Details
In Exim before 4.99.2, on systems using musl libc (not glibc), an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dn_expand oddity in octal printing.
Are YOU affected by CVE-2026-40684?
5-second check on your actual server. Reads /etc/os-release, uname -r, and dpkg-query; matches against the live USN + Debian Security Tracker feeds; tells you whether CVE-2026-40684 (and any other live CVE) applies. Anonymous, no signup.
curl https://mindsparkstack.com/scan.sh | bash
References
- https://code.exim.org/exim/exim/commit/628bbaca7672748d941a12e7cd5f0122a4e18c81
- https://exim.org/static/doc/security/CVE-2026-40684.txt
- https://exim.org/static/doc/security/cve-2026-04.1/CVE2026-40684.assessment
- https://www.openwall.com/lists/oss-security/2026/04/30/21
- http://www.openwall.com/lists/oss-security/2026/05/01/11
StackPatch runs this match against YOUR installed packages every hour
Free 1-server / $99 lifetime founder seat (50 only) / $19+/mo monthly. Indie pricing.