The Exim maintainers and the Zero Day Initiative (ZDI) have experienced delays and communication issues in addressing these vulnerabilities, raising concerns about the handling of security flaws in widely used software.
Source: cyware.com