CVE-2026-32609
- EPSS 0.15%
- Veröffentlicht 18.03.2026 14:30:37
- Zuletzt bearbeitet 19.03.2026 14:55:31
Glances is an open-source system cross-platform monitoring tool. The GHSA-gh4x fix (commit 5d3de60) addressed unauthenticated configuration secrets exposure on the `/api/v4/config` endpoints by introducing `as_dict_secure()` redaction. However, the `...
- EPSS 0.01%
- Veröffentlicht 18.03.2026 06:03:22
- Zuletzt bearbeitet 18.03.2026 18:27:43
Glances is an open-source system cross-platform monitoring tool. The Glances action system allows administrators to configure shell commands that execute when monitoring thresholds are exceeded. These commands support Mustache template variables (e.g...
CVE-2026-32596
- EPSS 3.59%
- Veröffentlicht 18.03.2026 05:18:11
- Zuletzt bearbeitet 18.03.2026 18:33:12
Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.2, Glances web server runs without authentication by default when started with `glances -w`, exposing REST API with sensitive system information including process command-l...
CVE-2026-30930
- EPSS 0.03%
- Veröffentlicht 10.03.2026 16:16:59
- Zuletzt bearbeitet 17.03.2026 16:20:46
Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.1, The TimescaleDB export module constructs SQL queries using string concatenation with unsanitized system monitoring data. The normalize() method wraps string values in si...
CVE-2026-30928
- EPSS 3.66%
- Veröffentlicht 10.03.2026 16:15:37
- Zuletzt bearbeitet 17.03.2026 16:20:29
Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.1, the /api/4/config REST API endpoint returns the entire parsed Glances configuration file (glances.conf) via self.config.as_dict() with no filtering of sensitive values. ...