Which versions of GUARDIANWALL MailSuite are affected by CVE-2026-32661?

CVE-2026-32661 is a critical remote code execution vulnerability in Canon's GUARDIANWALL MailSuite and Mail Security Cloud that allows unauthenticated attackers to execute arbitrary code through a…

GUARDIANWALL MailSuite CVE-2026-32661

Q: What is the CVSS score of CVE-2026-32661?

CVE-2026-32661 has a CVSS 4.0 base score of 9.3 (Critical). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.1%.

EUVD-2026-29911 CRITICAL

Stack-based Buffer Overflow (CWE-121)

2026-05-13 jpcert

GHSA-hrhg-9hfh-hwhj

RCE Buffer Overflow Stack Overflow

9.3

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Analysis Updated

May 13, 2026 - 15:59 vuln.today

v2 (cvss_changed)

Re-analysis Queued

May 13, 2026 - 15:52 vuln.today

cvss_changed

CVSS changed

May 13, 2026 - 15:52 NVD

9.8 (CRITICAL) 9.3 (CRITICAL)

Analysis Generated

May 13, 2026 - 06:30 vuln.today

CVE Published

May 13, 2026 - 05:15 nvd

CRITICAL 9.8

DescriptionNVD

Stack-based buffer overflow vulnerability exists in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud (SaaS version). If a remote attacker sends a specially crafted request to the product's web service, arbitrary code may be executed when the product is configured to run pop3wallpasswd with grdnwww user privilege.

AnalysisAI

Remote code execution in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud allows unauthenticated network attackers to execute arbitrary code via stack-based buffer overflow when pop3wallpasswd runs with grdnwww user privileges. Canon Marketing Japan has released patches for both on-premises (versions 1.4.00-2.4.26 affected) and SaaS deployments (pre-April 30, 2026 maintenance). …

RemediationAI

Within 24 hours: Identify all GUARDIANWALL deployments (on-premises and Cloud) and document current versions. Within 7 days: Apply vendor patches to all affected on-premises instances (upgrade to version 2.4.27 or later for on-premises; ensure SaaS instance receives post-April 30, 2026 maintenance update). …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-32661 vulnerability details – vuln.today

Back

GUARDIANWALL MailSuite CVE-2026-32661

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

Share

GUARDIANWALL MailSuite CVE-2026-32661

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code