Lucene search
K

5 matches found

NVD
NVD
added 2026/06/25 7:16 p.m.10 views

CVE-2026-53925

Glances is an open-source system cross-platform monitoring tool. From 4.0.8 until 4.5.5, the securepopen function in glances/secure.py interprets file redirection, | pipe, and && command chaining operators in command strings. These operators are applied without any validation on the target file...

7.8CVSS0.00184EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 6:3 p.m.7 views

CVE-2026-53925

Glances is an open-source system cross-platform monitoring tool. From 4.0.8 until 4.5.5, the securepopen function in glances/secure.py interprets file redirection, | pipe, and && command chaining operators in command strings. These operators are applied without any validation on the target file...

7.8CVSS6.1AI score0.00184EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/25 6:3 p.m.4 views

CVE-2026-53925 Glances: Arbitrary file write and command execution via `secure_popen` redirection and chaining operators in AMP command configuration

Glances is an open-source system cross-platform monitoring tool. From 4.0.8 until 4.5.5, the securepopen function in glances/secure.py interprets file redirection, | pipe, and && command chaining operators in command strings. These operators are applied without any validation on the target file...

7.8CVSS6.1AI score0.00184EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/23 5:59 p.m.10 views

Glances has arbitrary file write and command execution via `secure_popen` redirection and chaining operators in AMP command configuration

Summary The securepopen function in glances/secure.py interprets file redirection, | pipe, and && command chaining operators in command strings. These operators are applied without any validation on the target file path, piped command, or chained command. When Application Monitoring Process AMP...

7.8CVSS6.3AI score0.00866EPSS
Exploits3References3Affected Software1
Snyk
Snyk
added 2026/03/18 8:46 a.m.7 views

Command Injection

Overview Glances is an A cross-platform curses-based monitoring tool Affected versions of this package are vulnerable to Command Injection via the securepopen function. An attacker can execute arbitrary commands by supplying specially crafted process names or container names containing shell...

8.5CVSS6.1AI score0.00243EPSS
Exploits1References2
Rows per page
Query Builder