The Glances monitoring tool has a vulnerability that allows Server-Side Request Forgery due to improper validation of the public_api configuration parameter.
Claims
The Glances monitoring tool has a vulnerability that allows Server-Side Request Forgery due to improper validation of the public_api configuration parameter.
Parent: CybersecurityEntity: Glances monitoring toolImpact: negativeDate: Apr 21, 2026Target: The Glances monitoring tool's security
The Glances monitoring tool exposes a REST API without authentication, allowing cross-origin requests from any origin.
Parent: CybersecurityEntity: Glances monitoring toolImpact: negativeDate: Apr 21, 2026Target: The Glances monitoring tool's security
Source posts
๐จ EUVD-2026-23986
๐ Score: 7.7/10 (CVSS v3.1)
๐ฆ Product: Glances
๐ข Vendor: nicolargo
๐
Updated: 2026-04-20
๐ Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, the Glances web server exposes a REST API (`/api/4/*`) that is accessible without authentication and allows cross-origin requests from any origin due to a permissive C...
๐ https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-23986
#cybersecurity #infosec #euvd #cve #vulnerability
0 boosts ยท 0 favs ยท 0 replies ยท Apr 21, 2026
#cybersecurity#infosec#euvd#cve#vulnerability
๐จ EUVD-2026-23990
๐ Score: 7.3/10 (CVSS v3.1)
๐ฆ Product: Glances
๐ข Vendor: nicolargo
๐
Updated: 2026-04-20
๐ Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, a Server-Side Request Forgery (SSRF) vulnerability exists in the Glances IP plugin due to improper validation of the public_api configuration parameter. The value of p...
๐ https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-23990
#cybersecurity #infosec #euvd #cve #vulnerability
0 boosts ยท 0 favs ยท 0 replies ยท Apr 21, 2026
#cybersecurity#infosec#euvd#cve#vulnerability