216.73.216.169

CVE-2026-32596

· Published 18/03/2026 06:16 · Modified 18/03/2026 18:33

Labels: CVE-2026-32596 2026-03-18CVE-2026-32596CWE-200[email protected]

Essential information

Published
18/03/2026 06:16
Modified
18/03/2026 18:33
Author
Creator
CVSS
8.7 HIGH (v3) 8.7 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.2, Glances web server runs without authentication by default when started with `glances -w`, exposing REST API with sensitive system information including process command-lines containing credentials (passwords, API keys, tokens) to any network client. Version 4.5.2 fixes the issue.

NVD status

Status
Analyzed — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
nicolargo / glances cpe:2.3:a:nicolargo:glances:*:*:*:*:*:*:*:*

References