CVE-2026-32746 is a pre-authentication CVSS 9.8 stack buffer overflow in GNU Inetutils telnetd rooted in a 32-year-old linemode SLC handler flaw, with no confirmed patch available as of analysis date. ICS and OT environments face elevated exposure due to widespread legacy telnet usage on embedded Linux, PLCs, RTUs, and HMIs. Immediate mitigations — disabling telnetd and blocking TCP port 23 at all network boundaries — should be enacted now, with longer-term migration to SSH and OT network segmentation review as follow-on actions.