Telnet

• CVE-2026-32746: Unpatched Telnetd Zero-Day Allows Unauthenticated Root RCE March 24, 2026

  A critical buffer overflow in GNU InetUtils telnetd (CVE-2026-32746, CVSS 9.8) allows unauthenticated remote attackers to execute arbitrary code as root before the login prompt even appears. No patch is available yet.