1. Exim 'Dead.Letter' Flaw Exposes Mail Servers to Unauthenticated Remote Code Execution via GnuTLS BDAT
A critical use-after-free vulnerability in Exim mail server software allows unauthenticated remote attackers to execute arbitrary code by sending specially crafted BDAT SMTP traffic. The flaw, tracked as CVE-2026-45185, exists specifically in Exim versions 4.97 through 4.99.2 when built with GnuTLS cryptographic suppor...