CVE-2026-32772

Description

telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR.

Affected packages (1)

• Debian/inetutilsfrom 0, < 2:2.0-1+deb11u4

CVSS scores

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2026-32772