5 matches found
glances 4.5.2 - command injection
!/usr/bin/env python3 Exploit Title: glances 4.5.2 - command injection Date: 2026-04-09 Exploit Author: Stepanov Daniil Vendor Homepage: https://github.com/nicolargo/glances Software Link: https://github.com/nicolargo/glances Version: 4.5.2 and below fixed in 4.5.3 Tested on: Kali Linux 2026.1,...
📄 Glances 4.5.2 Command Injection
Glances version 4.5.2 suffers from a command injection vulnerability. !/usr/bin/env python3 Exploit Title: glances 4.5.2 - command injection Date: 2026-04-09 Exploit Author: Stepanov Daniil Vendor Homepage: https://github.com/nicolargo/glances Software Link: https://github.com/nicolargo/glances...
CVE-2026-33641
Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.3, Glances supports dynamic configuration values in which substrings enclosed in backticks are executed as system commands during configuration parsing. This behavior occurs in Config.getvalue and is implemented...
croparray (>=0.1.0 <=0.1.1) potentially affected by CVE-2026-33641 via glances (=3.2.7)
glances PYPI version =3.2.7 is affected by a known vulnerability. The following packages have a transitive dependency on glances and may be impacted: - croparray =0.1.0, =0.1.1 Source cves: CVE-2026-33641 Source advisory: OSV:GHSA-QHJ7-V7H7-Q4C7...
CVE-2026-33641
creationtimestamp| type| source ---|---|--- 2026-03-29 15:04:46+00:00| published-proof-of-concept| https://github.com/nicolargo/glances/security/advisories/GHSA-qhj7-v7h7-q4c7 2026-04-02 17:37:18+00:00| seen| Telegram/asfs2UkHDA2dEAWxK7wNvn0OefGesF-RFz1ocNui3XpVnY 2026-04-03 09:00:50+00:00| seen|...