CVE-2019-10149
Exim Mail Transfer Agent (MTA) Improper Input Validation
CVSS
—
No CVSS
EPSS
100.0%
p100
KEV
YES
Jan 10, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
100.0%EPSS · 30 days100.0%
2026-06-302026-07-16
Product
Exim / Mail Transfer Agent (MTA)
Vulnerability
Exim Mail Transfer Agent (MTA) Improper Input Validation
Added to KEV
Jan 10, 2022
Remediate by
Jul 10, 2022
Known ransomware use
No
Summary description
Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-10149
No related CVEs by CWE or product.