Hello, On 1/20/26 3:00 PM, Simon Josefsson wrote:
If someone can allocated a CVE, we will add it in future release notes.
it seems https://www.cve.org/CVERecord?id=CVE-2026-24061 got assigned by MITRE to this now:
> telnetd in GNU Inetutils through 2.7 allows remote authentication > bypass via a "-f root" value for the USER environment variable.
