BrianKrebsThis might have slipped under the radar these past few days, but a 9.8 RCE in Exim (on many, many mail servers) that does not require authentication is bad bad bad.
Bernard Quatermass@briankrebs For an authenticator plugin that is not built/installed on 99% of those many, many servers.
Ozzie D, NP-hard 
@QuatermassTools @briankrebs I can't find details on this one at any of my usual sites. Do you have any other references?