Stack-based Buffer Overflow in GUARDIANWALL MailSuite and Mail Security Cloud by GUARDIANWALL
CVE-2026-32661

9.3CRITICAL

Key Information:

Vendor: Canon Marketing Japan Inc.
Status: Guardianwall Mailsuite (on-premises Version); Guardianwall Mail Security Cloud (saas Version)
Vendor: CVE Published:; 13 May 2026

🔔 Create Canon Marketing Japan Inc. Vulnerability Alert

What is CVE-2026-32661?

A stack-based buffer overflow vulnerability exists in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud. An attacker can exploit this vulnerability by sending a specially crafted request to the web service of the affected product. If the application is configured to run pop3wallpasswd with grdnwww user privileges, it may lead to the execution of arbitrary code, posing a significant risk to the integrity and security of the system.

Affected Version(s)

GUARDIANWALL Mail Security Cloud (SaaS version) versions before the maintenance on April 30

GUARDIANWALL Mail Security Cloud (SaaS version) 2026

GUARDIANWALL MailSuite (On-premises version) Ver 1.4.00 to Ver 2.4.26

References

https://jvn.jp/en/jp/JVN35567473/

CVSS V4

Score:

9.3

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

CVSS V3.0

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2026
Vulnerability Reserved
May 11, 2026

CVE-2026-32661 Data

JSON