CVE-2025-26794
In short
Exim 4.98 before 4.98.1 allows an attacker to inject malicious SQL commands through the email server when specific features (SQLite hints and ETRN serialization) are enabled. This could let someone access or modify the server's database without proper authorization.
Technical detail
SQL injection vulnerability in Exim 4.98 prior to 4.98.1 when SQLite hints and ETRN serialization are configured. Attack vector requires remote network access to the mail server with these non-default features enabled; successful exploitation permits unauthorized database query execution and potential data exfiltration or manipulation.
Summary generated and translated by AI from the official description.
Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection. (Resolving SQL injection requires an update to 4.99.1 in certain non-default rate-limit configurations.)
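A version check is the first triage step a practitioner would want here. The following POSIX shell script is an added example written for this page, not Exim project code; it classifies a version string against the three boundaries the description above states (4.98 affected; 4.98.1 fixed for the default case; 4.99.1 required for the non-default rate-limit configurations the advisory mentions). The status names and the "unlisted" bucket for releases before 4.98 are this example's own conventions, and the optional lookup of the installed version assumes the standard "Exim version X.Y.Z ..." first line of exim -bV.

```shell
#!/bin/sh
# Added example for this advisory page (constructed; not Exim project code).
# Classifies an Exim version against the fix boundaries stated in the advisory:
#   4.98 (i.e. 4.98.0)   -> "affected"    CVE-2025-26794
#   4.98.1 .. 4.99.0     -> "conditional" fixed by default; 4.99.1 is needed for
#                           certain non-default rate-limit configurations
#   4.99.1 and later     -> "fixed"
#   releases before 4.98 -> "unlisted"    not named by the advisory text
#   unparsable input     -> "unknown"

# True when $1 is a non-empty string of decimal digits.
is_num() {
    case $1 in
        ''|*[!0-9]*) return 1 ;;
    esac
    return 0
}

# Usage: exim_cve_2025_26794_status VERSION  (prints one of the status words)
exim_cve_2025_26794_status() {
    ver=$1
    # Split "major.minor[.patch]"; a missing patch level counts as 0.
    major=${ver%%.*}
    rest=${ver#"$major"}
    rest=${rest#.}
    minor=${rest%%.*}
    patch=${rest#"$minor"}
    patch=${patch#.}
    [ -z "$patch" ] && patch=0

    if ! is_num "$major" || ! is_num "$minor" || ! is_num "$patch"; then
        echo unknown
        return 1
    fi

    # Anything older than the 4.98 series is not named by the advisory.
    if [ "$major" -lt 4 ] || { [ "$major" -eq 4 ] && [ "$minor" -lt 98 ]; }; then
        echo unlisted
        return 0
    fi
    # Exactly 4.98 (patch level 0) is the vulnerable release.
    if [ "$major" -eq 4 ] && [ "$minor" -eq 98 ] && [ "$patch" -lt 1 ]; then
        echo affected
        return 0
    fi
    # 4.98.1 up to and including 4.99.0: fixed unless the non-default
    # rate-limit configuration from the advisory is in use.
    if [ "$major" -eq 4 ] && { [ "$minor" -eq 98 ] || { [ "$minor" -eq 99 ] && [ "$patch" -lt 1 ]; }; }; then
        echo conditional
        return 0
    fi
    echo fixed
    return 0
}

# Best-effort lookup of the locally installed version; prints nothing and
# returns 1 when no exim binary is on PATH.
installed_exim_version() {
    command -v exim >/dev/null 2>&1 || return 1
    exim -bV 2>/dev/null | sed -n 's/^Exim version \([0-9][0-9.]*\).*/\1/p' | head -n 1
}

if v=$(installed_exim_version) && [ -n "$v" ]; then
    printf 'installed Exim %s: %s\n' "$v" "$(exim_cve_2025_26794_status "$v")"
fi
```

The version is a necessary but not sufficient indicator: the advisory says the flaw is reachable only when SQLite hints and ETRN serialization are both in use, so an "affected" result should be followed by checking the build and main-configuration options described in the linked Exim security report before deciding on urgency.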
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected products
Exim · Exim
References
https://bugzilla.suse.com/show_bug.cgi?id=1237424
https://code.exim.org/exim/exim/commit/bfe32b5c6ea033736a26da8421513206db9fe305
https://exim.org
https://exim.org/static/doc/security/EXIM-Security-2025-12-09.1/report.txt
https://github.com/Exim/exim/wiki/EximSecurity
https://github.com/NixOS/nixpkgs/pull/383926
https://github.com/openbsd/ports/commit/584d2c49addce9ca0ae67882cc16969104d7f82d
https://www.exim.org/static/doc/security/CVE-2025-26794.txt
http://www.openwall.com/lists/oss-security/2025/02/19/1
http://www.openwall.com/lists/oss-security/2025/02/21/4
http://www.openwall.com/lists/oss-security/2025/02/21/5