A dangerous security flaw has been discovered in Exim, a widely used email server software. The vulnerability, officially tracked as CVE-2025-26794, allows hackers to inject harmful commands into the system, potentially leading to data theft or even complete control over the email server. This issue affects Exim version 4.98 when used with a specific database system called SQLite. Experts warn that this is one of the biggest email security threats of 2025.
How This Vulnerability Works
The problem occurs because of the way Exim handles database queries under certain settings. It mainly affects systems that:
1. Use SQLite for storing email-related data – This happens when Exim is set up with a special feature called `USE_SQLITE`.
2. Enable the ETRN command – This is a function that allows users to request email deliveries, but it can be misused if not properly restricted.
3. Have weak protections against command execution – Some default settings make it easier for attackers to sneak in harmful database commands.
If all these conditions are met, a hacker can send specially designed emails to the server, tricking it into running unauthorized commands. This could allow them to access sensitive information, modify system settings, or even take control of the entire email system.
Content was cut in order to protect the source.Please visit the source for the rest of the article.