Gnu Inetutils
5 CVEs affecting Gnu Inetutils. Latest disclosed: 2026-03-16. Critical: 2, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-32746 | Critical | 9.8 | 2026-03-13 | telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check… |
CVE-2026-24061 | Critical | 9.8 | 2026-01-21 | telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable. |
CVE-2026-28372 | High | 7.4 | 2026-02-27 | telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) imp… |
CVE-2026-32772 | Low | 3.4 | 2026-03-16 | telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR. |
CVE-2011-4862 | | 2011-12-25 | Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1… |