๐Ÿ” CVE Alert

CVE-2026-32772

LOW 3.4
CVSS Score
3.4
EPSS Score
0.0%
EPSS Percentile
0th

telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR.

CWE CWE-669
Vendor gnu
Product inetutils
Published Mar 13, 2026
Last Updated Mar 16, 2026
Stay Ahead of the Next One

Get instant alerts for gnu inetutils

Be the first to know when new low vulnerabilities affecting gnu inetutils are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
None
Availability
None

Affected Versions

GNU / inetutils
0 โ‰ค 2.7

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
openwall.com: https://www.openwall.com/lists/oss-security/2026/03/13/1