Port 23, 30 Years Later: A Pre-Auth LINEMODE Bug in GNU Telnetd (CVE-2026-32746)
Port 23, 30 Years Later: A Pre-Auth LINEMODE Bug in GNU Telnetd (CVE-2026-32746) A bug rooted in Telnet’s early-1990s LINEMODE logic survived into modern GNU Inetutils telnetd, leaving a pre-auth memory corruption path reachable before /bin/login, before passwords, and before PAM. Summary CVE-2026-32746 is a pre-auth out-of-bounds write in GNU Inetutils telnetd The bug lives […]