CVE-2026-32746 (CVSS 9.8) is a pre-authentication stack-based buffer overflow in the linemode SLC handler of GNU Inetutils telnetd affecting all versions, with no patch available as of disclosure. ICS and OT environments face elevated risk due to legacy telnet use and slower patching cycles; exploitation requires only a crafted telnet negotiation sequence and no credentials. Disable telnetd immediately on all internet-facing and OT-connected systems; apply network-layer ACLs to restrict TCP port 23 to known required hosts where disablement is not immediately feasible, and initiate replacement of telnet with SSH across all environments.