6 matches found
CVE-2026-32632
A flaw was found in glances. Glances recently added DNS rebinding protection for the MCP endpoint, but the main REST/WebUI FastAPI application still accepts arbitrary 'Host' headers and does not apply 'TrustedHostMiddleware' or an equivalent host allowlist. As a result, the REST API, WebUI, and...
DEBIAN-CVE-2026-32632
Glances is an open-source system cross-platform monitoring tool. Glances recently added DNS rebinding protection for the MCP endpoint, but prior to version 4.5.2, the main REST/WebUI FastAPI application still accepts arbitrary Host headers and does not apply TrustedHostMiddleware or an equivalent...
CVE-2026-32632
Glances is an open-source system cross-platform monitoring tool. Glances recently added DNS rebinding protection for the MCP endpoint, but prior to version 4.5.2, the main REST/WebUI FastAPI application still accepts arbitrary Host headers and does not apply TrustedHostMiddleware or an equivalent...
CVE-2026-32632
Glances is an open-source system cross-platform monitoring tool. Glances recently added DNS rebinding protection for the MCP endpoint, but prior to version 4.5.2, the main REST/WebUI FastAPI application still accepts arbitrary Host headers and does not apply TrustedHostMiddleware or an equivalent...
croparray (>=0.1.0 <=0.1.1) potentially affected by CVE-2026-32632 via glances (=3.2.7)
glances PYPI version =3.2.7 is affected by a known vulnerability. The following packages have a transitive dependency on glances and may be impacted: - croparray =0.1.0, =0.1.1 Source cves: CVE-2026-32632 Source advisory: OSV:GHSA-HHCG-R27J-FHV9...
CVE-2026-32632
creationtimestamp| type| source ---|---|--- 2026-03-14 14:52:38+00:00| published-proof-of-concept| https://github.com/nicolargo/glances/security/advisories/GHSA-hhcg-r27j-fhv9...