Email server Exim contains a critical remote code execution vulnerability (CVE-2019-10149). An attacker could exploit the vulnerability to take control of an affected system. It is present in version 4.87 to 4.91 (including). The fixed version is 4.92. We encourage users and administrators to apply the necessary updates.