CVE-2025-26794

Publication date

2025-02-21 00:00:00

Family

mitre

State

PUBLISHED

Description

Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection. (Resolving SQL injection requires an update to 4.99.1 in certain non-default rate-limit configurations.)