CVE-2026-32661_CVE-2026-32661

9.8 / 10

CRITICAL

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

Stack-based buffer overflow vulnerability exists in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud (SaaS version). If a remote attacker sends a specially crafted request to the product's web service, arbitrary code may be executed when the product is configured to run pop3wallpasswd with grdnwww user privilege.

Basic Information

ID CVE-2026-32661

Source jpcert

Published May 13, 2026 at 05:15

Affected Product

Vendor Canon Marketing Japan Inc.

Product GUARDIANWALL MailSuite (On-premises version)

Version Ver 1.4.00 to Ver 2.4.26

Affected Versions Canon Marketing Japan Inc. GUARDIANWALL MailSuite (On-premises version) Ver 1.4.00 to Ver 2.4.26
Canon Marketing Japan Inc. GUARDIANWALL Mail Security Cloud (SaaS version) versions before the maintenance on April 30
Canon Marketing Japan Inc. GUARDIANWALL Mail Security Cloud (SaaS version) 2026

CWE Classification

CWE-121

References

jvn.jp /en/jp/JVN35567473/

{
    "lastseen": "",
    "description": "Stack-based buffer overflow vulnerability exists in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud (SaaS version). If a remote attacker sends a specially crafted request to the product's web service, arbitrary code may be executed when the product is configured to run pop3wallpasswd with grdnwww user privilege.",
    "published": "2026-05-13T05:15:15.435Z",
    "modified": "2026-05-13T05:15:15.435Z",
    "type": "cve",
    "title": "CVE-2026-32661",
    "source": "jpcert",
    "references": "https://jvn.jp/en/jp/JVN35567473/",
    "id": "CVE-2026-32661",
    "bulletinFamily": "",
    "cwe": [
        "CWE-121"
    ],
    "cvelist": null,
    "sourceData": "Canon Marketing Japan Inc. GUARDIANWALL MailSuite (On-premises version) Ver 1.4.00 to Ver 2.4.26\nCanon Marketing Japan Inc. GUARDIANWALL Mail Security Cloud (SaaS version) versions before the maintenance on April 30\nCanon Marketing Japan Inc. GUARDIANWALL Mail Security Cloud (SaaS version) 2026",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "GUARDIANWALL MailSuite (On-premises version)",
    "version": "Ver 1.4.00 to Ver 2.4.26",
    "vendor": "Canon Marketing Japan Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}