Synology DiskStation Manager Vulnerability Puts Users at Risk of Remote Command Execution Attacks

Synology has released an urgent security advisory for a critical unauthenticated remote command execution vulnerability (CVE-2026-32746, CVSS 9.8) in the GNU Inetutils telnetd (LINEMODE SLC handling) affecting multiple DSM releases; patches are available for major DSM lines (with some specialized platforms still pending fixes) and administrators are advised to apply updates immediately or disable the Telnet service as a workaround.