Nicolargo Glances
15 CVEs affecting Nicolargo Glances. Latest disclosed: 2026-04-20. Critical: 2, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-30930 | Critical | 9.8 | 2026-03-10 | Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.1, The TimescaleDB export module constructs SQL queries using string concatenatio… |
CVE-2026-32633 | Critical | 9.1 | 2026-03-18 | Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.2, in Central Browser mode, the `/api/4/serverslist` endpoint returns raw… |
CVE-2026-32634 | High | 8.1 | 2026-03-18 | Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.2, in Central Browser mode, Glances stores both the Zeroconf-advertised s… |
CVE-2026-32610 | High | 8.1 | 2026-03-18 | Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.2, the Glances REST API web server ships with a default CORS configuratio… |
CVE-2026-33641 | High | 7.8 | 2026-04-02 | Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.3, Glances supports dynamic configuration values in which substrings encl… |
CVE-2026-32609 | High | 7.5 | 2026-03-18 | Glances is an open-source system cross-platform monitoring tool. The GHSA-gh4x fix (commit 5d3de60) addressed unauthenticated configuration secrets exposure on… |
CVE-2026-32611 | High | 7.0 | 2026-03-18 | Glances is an open-source system cross-platform monitoring tool. The GHSA-x46r fix (commit 39161f0) addressed SQL injection in the TimescaleDB export module by… |
CVE-2026-32608 | High | 7.0 | 2026-03-18 | Glances is an open-source system cross-platform monitoring tool. The Glances action system allows administrators to configure shell commands that execute when… |
CVE-2026-35588 | Medium | 6.3 | 2026-04-20 | Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, the Cassandra export module (`glances/exports/glances_cassandra/__init… |
CVE-2026-32632 | Medium | 5.9 | 2026-03-18 | Glances is an open-source system cross-platform monitoring tool. Glances recently added DNS rebinding protection for the MCP endpoint, but prior to version 4.5… |
CVE-2026-35587 | | 2026-04-20 | Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, a Server-Side Request Forgery (SSRF) vulnerability exists in the Glanc… | |
CVE-2026-34839 | | 2026-04-20 | Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, the Glances web server exposes a REST API (`/api/4/*`) that is accessi… | |
CVE-2026-33533 | | 2026-04-02 | Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.3, the Glances XML-RPC server (activated with glances -s or glances --ser… | |
CVE-2026-32596 | | 2026-03-18 | Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.2, Glances web server runs without authentication by default when started with `g… | |
CVE-2026-30928 | | 2026-03-10 | Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.1, the /api/4/config REST API endpoint returns the entire parsed Glances configur… |