cybercrime.clubhttps://cybercrime.club/tags/smtp/Infrastructure security news for people who build infrastructure.Hugo -- gohugo.ioen-usSun, 03 May 2026 11:09:09 -0400Exim 4.99.2 Patches Four Mail Server Flaws: Heap Corruption via JSON Headers, DNS Poisoning, and SPA Auth Bugshttps://cybercrime.club/posts/exim-4-99-2-cve-2026-40684-40687-mail-server-heap-corruption/Sun, 03 May 2026 11:09:09 -0400https://cybercrime.club/posts/exim-4-99-2-cve-2026-40684-40687-mail-server-heap-corruption/Exim 4.99.2 fixes four memory-safety bugs (CVE-2026-40684 through 40687) in the world's most-deployed MTA, including a JSON heap-write reachable from untrusted headers.vulnerabilities