2 matches found
CVE-2026-53925
Summary of CVE-2026-53925 (Glances) In Glances, versions 4.0.8 through 4.5.5, the secure_popen() function in glances/secure.py parses shell-like operators (>, |, &&) in command strings without validating the target path or commands. When AMP module commands/service_cmd values are read from gla...
Glances has arbitrary file write and command execution via `secure_popen` redirection and chaining operators in AMP command configuration
Summary The securepopen function in glances/secure.py interprets file redirection, | pipe, and && command chaining operators in command strings. These operators are applied without any validation on the target file path, piped command, or chained command. When Application Monitoring Process AMP...