I'm just reading this GNU telnetd CVE from last month.

@AkaSci Boy, I hope not

@jtk Interesting!

Don't miss this explanation of how backbone providers coordinated on this telnetd exploit in advance of the CVE release, and simply blocked port 23 traffic. https://www.labs.greynoise.io/grimoire/2026-02-10-telnet-falls-silent/

I'm just reading this GNU telnetd CVE from last month. I did not realize that telnet was still a thing, but it turns out anybody could provide a username of "-f root" and, boom, they had root. The vulnerability existed for 11 years. *Wow*. https://www.cve.org/CVERecord?id=CVE-2026-24061