According to CISA, the US cybersecurity agency, five flaws were added to the Known Exploited Vulnerabilities (KEV) catalog, including two Linux bugs. The first is CVE-2026-24061 in GNU Inetutils, a critical authentication bypass in the telnetd service that can allow an attacker to obtain a root shell and remote code execution by manipulating the USER environment variable. CVE-2026-24061 was introduced in GNU Inetutils 1.9.3 (May 2015) and affects all versions up to 2.7 (December 2025).
Within days of disclosure on 20 January, GreyNoise reported 60 exploitation attempts from 18 unique sources, with more than 200,000 systems exposing Telnet (or over 1 million per Censys), though only those using GNU telnetd are vulnerable. The second Linux flaw is CVE-2018-14634, an integer overflow in the kernel that could let a privileged binary escalate to root, with Qualys noting exploitation was possible on systems with at least 32 GB of RAM. On the same day, CISA also added two SmarterMail bugs and a Microsoft Office zero-day to KEV, urging federal agencies to address all five by 16 February.