CVE-2019-10149CISA KEVEPSS p100.0%

CVE-2019-10149Exim Mail Transfer Agent (MTA) Improper Input Validation

Exim / Mail Transfer Agent (MTA)

Description

Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

Scoring

EPSS99.96% probability of exploitation · percentile 100.0% · 2026-06-15T12:03:41Z

CISA KEV entry

Added to KEV: 2022-01-10

(incoming)1

TypeTargetConfidenceTier
KEVEntryExim Mail Transfer Agent (MTA) Improper Input Validationkev-cve-2019-101490%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Exim Out-of-bounds Write Vulnerability
CVE
Exim Buffer Overflow Vulnerability
CVE
Exim Privilege Escalation Vulnerability
CVE
Exim Heap-Based Buffer Overflow Vulnerability
CVE
OpenSMTPD Remote Code Execution Vulnerability
CVE
Microsoft Exchange Server Remote Code Execution Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.