Lucene search
K

5 matches found

UbuntuCve
UbuntuCve
added 2026/03/18 6:16 p.m.5 views

CVE-2026-32632

Glances is an open-source system cross-platform monitoring tool. Glances recently added DNS rebinding protection for the MCP endpoint, but prior to version 4.5.2, the main REST/WebUI FastAPI application still accepts arbitrary Host headers and does not apply TrustedHostMiddleware or an equivalent...

5.9CVSS5.8AI score0.0016EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/03/18 5:47 p.m.10 views

CVE-2026-32632 Glances's REST/WebUI Lacks Host Validation and Remains Exposed to DNS Rebinding

Glances is an open-source system cross-platform monitoring tool. Glances recently added DNS rebinding protection for the MCP endpoint, but prior to version 4.5.2, the main REST/WebUI FastAPI application still accepts arbitrary Host headers and does not apply TrustedHostMiddleware or an equivalent...

5.9CVSS5.8AI score0.0016EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/03/16 4:34 p.m.9 views

Glances's REST/WebUI Lacks Host Validation and Remains Exposed to DNS Rebinding

Summary Glances recently added DNS rebinding protection for the MCP endpoint, but the main REST/WebUI FastAPI application still accepts arbitrary Host headers and does not apply TrustedHostMiddleware or an equivalent host allowlist. As a result, the REST API, WebUI, and token endpoint remain...

5.9CVSS5.9AI score0.0016EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2026/03/16 4:34 p.m.11 views

GHSA-HHCG-R27J-FHV9 Glances's REST/WebUI Lacks Host Validation and Remains Exposed to DNS Rebinding

Summary Glances recently added DNS rebinding protection for the MCP endpoint, but the main REST/WebUI FastAPI application still accepts arbitrary Host headers and does not apply TrustedHostMiddleware or an equivalent host allowlist. As a result, the REST API, WebUI, and token endpoint remain...

5.9CVSS5.9AI score0.0016EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.5 views

PT-2026-25819

Name of the Vulnerable Software and Affected Versions Glances versions prior to 4.5.2 Description Glances, a system cross-platform monitoring tool, had insufficient host validation in its main REST/WebUI FastAPI application prior to version 4.5.2. This allowed the REST API, WebUI, and token...

5.9CVSS5.7AI score0.0016EPSS
Exploits1References25
Rows per page
Query Builder