ID:12063 - Exploit for SQL injection in Exim - CVE-2025-26794
Published: October 31, 2025
Vulnerability identifier: #VU104137
Vulnerability risk: Medium
CVE-ID: CVE-2025-26794
CWE-ID: CWE-89
Exploitation vector: Remote access
Vulnerable software:
Exim
Exim
Link to public exploit:
Vulnerability description
The vulnerability allows a remote attacker to execute arbitrary SQL queries in application's database.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can send a specially crafted email to the affected server and execute arbitrary SQL commands within the application's database.
Note, the vulnerability exists only when the build time option _USE_SQLITE_ was set (it enables the use of SQLite for the hints databases), runtime config enables ETRN and enforces ETRN serialization.
Remediation
Install updates from vendor's website.