← Back
2026-05-13 5:15CVE-2026-32661jpcert
PUBLISHED5.2CWE-121

Stack-based buffer overflow vulnerability exists in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud (SaaS version). If a remote attacker sends a specially crafted request to the product's web service, arbitrary code may be executed when the product is configured to run pop3wallpasswd with grdnwww user privilege.

Problem type

Affected products

Canon Marketing Japan Inc.

GUARDIANWALL MailSuite (On-premises version)

Ver 1.4.00 to Ver 2.4.26 - AFFECTED

GUARDIANWALL Mail Security Cloud (SaaS version)

versions before the maintenance on April 30 - AFFECTED

2026 - AFFECTED

References

jvn.jp

https://jvn.jp/en/jp/JVN35567473/

JSON source

https://cveawg.mitre.org/api/cve/CVE-2026-32661
Click to expand
{
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "cveMetadata": {
    "cveId": "CVE-2026-32661",
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "dateUpdated": "2026-05-13T05:15:15.435Z",
    "dateReserved": "2026-05-11T00:11:34.095Z",
    "datePublished": "2026-05-13T05:15:15.435Z",
    "state": "PUBLISHED"
  },
  "containers": {
    "cna": {
      "providerMetadata": {
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert",
        "dateUpdated": "2026-05-13T05:15:15.435Z"
      },
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow vulnerability exists in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud (SaaS version). If a remote attacker sends a specially crafted request to the product's web service, arbitrary code may be executed when the product is configured to run pop3wallpasswd with grdnwww user privilege."
        }
      ],
      "affected": [
        {
          "vendor": "Canon Marketing Japan Inc.",
          "product": "GUARDIANWALL MailSuite (On-premises version)",
          "versions": [
            {
              "version": "Ver 1.4.00 to Ver 2.4.26",
              "status": "affected"
            }
          ]
        },
        {
          "vendor": "Canon Marketing Japan Inc.",
          "product": "GUARDIANWALL Mail Security Cloud (SaaS version)",
          "versions": [
            {
              "version": "versions before the maintenance on April 30",
              "status": "affected"
            },
            {
              "version": "2026",
              "status": "affected"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "lang": "en-US",
              "description": "Stack-based buffer overflow",
              "cweId": "CWE-121",
              "type": "CWE"
            }
          ]
        }
      ],
      "references": [
        {
          "url": "https://jvn.jp/en/jp/JVN35567473/"
        }
      ],
      "metrics": [
        {
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ],
          "cvssV3_0": {
            "version": "3.0",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL"
          }
        },
        {
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ]
    }
  }
}