GNU InetUtils
-
Critical Telnet flaw allows pre-auth remote code execution as root
A Dream Security advisory disclosed CVE-2026-32746, a CVSS 9.8 buffer overflow in GNU inetutils telnetd that allows unauthenticated remote code execution as root. Maintainers were notified on March 11 and a patch was prepared the next day.
-
Critical pre-auth buffer overflow found in GNU InetUtils telnetd tracked as CVE-2026-32746
A pre-authentication buffer overflow in GNU InetUtils telnetd, tracked as CVE-2026-32746 and rated CVSS 9.8, can allow unauthenticated remote code execution as root. A fix is expected by April 1, 2026.
-
Critical GNU InetUtils telnetd flaw allows remote root login
A critical CVE-2026-24061 in GNU InetUtils telnetd allows remote authentication bypass and potential root login on versions 1.9.3 through 2.7 rated 9.8 CVSS. Administrators are urged to patch or disable telnetd.
