CVE-2026-32746 is a pre-authentication stack-based buffer overflow (CVSS 9.8, CWE-121) in the linemode SLC handler of GNU Inetutils telnetd, reported as a 32-year-old defect affecting all known versions, with no patch available at time of disclosure. ICS and OT environments face elevated exposure due to legacy telnet dependency in industrial control systems where patching cycles are constrained. The only current mitigation is disabling telnetd and blocking TCP port 23; organizations should immediately enumerate all telnetd instances across IT and OT networks, prioritize disablement in ICS/OT segments, replace telnet with SSH where possible, and monitor for inbound port 23 sessions with anomalous option negotiation payloads.