By weakness (CWE)
CWE-839: related vulnerabilities
CVEs classified under CWE-839. Understanding the weakness class helps prioritize systemic fixes over one-off patches.
1 published vulnerability
- CVE-2026-48840MEDIUM 5.3
Exim versions 4.88 through 4.99.3 contain a memory disclosure vulnerability when deployed in certain proxy configurations. The flaw allows unauthenticated remote attackers to craft short payloads that cause the mail server to leak uninitialized stack memory back to the client. This is a confidentiality issue—an attacker gains access to sensitive data that may be in memory, but cannot modify email systems or cause service disruption directly.