CVE-2026-32661

CRITICAL EXPLOITED

Canon Marketing Japan Inc. Guardianwall MailSuite (On-premises Version) - Stack-based Buffer Overflow

Title source: rule

Exploitation Summary

CVE-2026-32661 has been observed exploited in the wild (reported by VulnCheck KEV).

Description

Stack-based buffer overflow vulnerability exists in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud (SaaS version). If a remote attacker sends a specially crafted request to the product's web service, arbitrary code may be executed when the product is configured to run pop3wallpasswd with grdnwww user privilege.

References (2)

Core 2

Core References

https://security-support.canon-its.jp/info_and_news/show/804?site_domain=GUARDIANWALL

https://jvn.jp/en/jp/JVN35567473/

Scores

CVSS v3 9.8

EPSS 0.0047

EPSS Percentile 36.9%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

VulnCheck KEV 2026-05-13

CWE

CWE-121

Status published

Products (3)

Canon Marketing Japan Inc./GUARDIANWALL Mail Security Cloud (SaaS version) 2026

Canon Marketing Japan Inc./GUARDIANWALL Mail Security Cloud (SaaS version) versions before the maintenance on April 30

Canon Marketing Japan Inc./GUARDIANWALL MailSuite (On-premises version) Ver 1.4.00 to Ver 2.4.26

Published May 13, 2026

Tracked Since May 13, 2026