CVE-2026-32746 is a CVSS 9.8 pre-authentication stack-based buffer overflow in GNU Inetutils telnetd affecting all versions across the full version history; no patch exists as of disclosure, making network-layer mitigation the only available control. Exposure is particularly acute for ICS and OT environments with legacy embedded devices running telnetd. Disable or firewall-block TCP/23 on all exposed systems immediately, enumerate all GNU Inetutils deployments across IT and OT inventories, and monitor NVD and the GNU Inetutils project for patch availability.