CVE-2026-32661 is a CVSS 9.8 unauthenticated stack-based buffer overflow in GUARDIANWALL MailSuite and its SaaS variant, confirmed in the CISA KEV catalog with no patch yet available. A remote attacker can send a crafted HTTP request to the exposed web service component to achieve arbitrary code execution under grdnwww user privileges. Organizations running GUARDIANWALL as their email security gateway face complete compromise of that component with no vendor-supplied fix in hand.