CVE-2026-32596 Scanner
CVE-2026-32596 Scanner - Information Disclosure vulnerability in Glances
Short Info
Level: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 9 days 22 hours
Scan only one: URL
Glances is an open-source, cross-platform monitoring tool used by system administrators and IT professionals to monitor systems in real time. It provides detailed insight into system health, including resource usage and system and network activity. The software is frequently deployed on servers and workstations, letting administrators visualize and track performance metrics, and it is used in both small and large network environments owing to its scalability and extensibility. Its web-based interface allows remote monitoring from a range of platforms, and its comprehensive feature set makes it a popular choice for tracking system integrity and performance.
Information Disclosure vulnerabilities occur when an application inadvertently exposes sensitive data to unauthorized users. In Glances, this vulnerability allows remote attackers to read sensitive system information, including credentials, because the default configuration runs the web server without authentication. Such exposure risks revealing critical system details that can enable further exploitation. The root cause is inadequate access control: the web server does not enforce authentication on its API. Left unaddressed, the flaw lets attackers harvest data such as usernames, configuration details, and system status. Recognizing the impact and prevalence of such vulnerabilities is essential to protecting applications from unauthorized data exposure.
The vulnerability affects Glances versions prior to 4.5.2, where the lack of an authentication mechanism leads to information disclosure. Technically, it is exploited via HTTP requests to endpoints such as /api/4/system and /api/4/processlist. These endpoints answer without authentication and return JSON describing the operating system, running processes, and performance metrics. They are a legitimate part of the Glances API, designed to serve the web interface; without an authentication barrier, however, anyone who can reach them obtains information intended for administrators only.
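The following self-check, added here as an example and not code from the scanner vendor or from the Glances project, lets an asset owner verify whether their own Glances web server answers the two API endpoints named above without authentication. It assumes a Glances instance at the default web port 61208 on localhost (override with the first command-line argument), treats a 401 or 403 as evidence of an authentication layer in front of the server, and treats a 200 with a JSON object or array as an exposed endpoint; the `fetcher` parameter exists so the classification logic can be exercised with constructed responses.

```python
"""Self-check: does this Glances web API answer unauthenticated requests?

Added example for the CVE-2026-32596 context. Assumptions: default Glances
web port 61208 on localhost; 401/403 means an auth layer is present; a 200
carrying a JSON object or array means the endpoint is exposed.
"""
import json
import sys
import urllib.error
import urllib.request
from urllib.parse import urljoin

# Endpoints named in the advisory text; both belong to the Glances 4 REST API.
CHECKED_ENDPOINTS = ("/api/4/system", "/api/4/processlist")


def classify(status, body):
    """Turn one unauthenticated response into a verdict.

    Returns 'protected' when the server demanded credentials, 'exposed' when
    it served JSON data to an anonymous client, and 'unknown' otherwise
    (e.g. a 500, a redirect, or a 200 that is not JSON such as a login page).
    """
    if status in (401, 403):
        return "protected"
    if status == 200:
        try:
            data = json.loads(body)
        except ValueError:
            return "unknown"
        # /api/4/system returns an object, /api/4/processlist an array.
        if isinstance(data, (dict, list)):
            return "exposed"
    return "unknown"


def fetch(url, timeout=5):
    """Issue a plain GET with no credentials; return (status, body)."""
    req = urllib.request.Request(url, headers={"Accept": "application/json"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        # Non-2xx answers (401, 403, 404, ...) arrive here; keep the body.
        return err.code, err.read().decode("utf-8", "replace")


def check_glances(base_url, fetcher=fetch):
    """Probe every checked endpoint under base_url; map endpoint -> verdict."""
    results = {}
    for endpoint in CHECKED_ENDPOINTS:
        status, body = fetcher(urljoin(base_url, endpoint))
        results[endpoint] = classify(status, body)
    return results


if __name__ == "__main__":
    # Assumed default: Glances web server on its standard port, local host.
    base = sys.argv[1] if len(sys.argv) > 1 else "http://127.0.0.1:61208/"
    verdicts = check_glances(base)
    for endpoint, verdict in verdicts.items():
        print(f"{endpoint}: {verdict}")
    # Non-zero exit if any endpoint is reachable anonymously, for use in CI
    # or a scheduled compliance job.
    sys.exit(1 if "exposed" in verdicts.values() else 0)
```

A verdict of "exposed" on either endpoint means the instance is in the vulnerable configuration described on this page; the remediation the page supports is upgrading to 4.5.2 or later and ensuring the web server is not reachable without authentication. The script deliberately reports only the verdict and never stores or prints the returned system data.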
When exploited, this vulnerability reveals information that helps an attacker map the structure and operational state of affected systems. Malicious actors can use such data to orchestrate targeted attacks, deepen their access, or exfiltrate sensitive data. The unauthorized access may lead to credential theft, compromising system data and potentially paving the way for more destructive follow-on activity such as privilege escalation or lateral movement within the network. Staying vigilant and enforcing proper authentication on the Glances web server is therefore paramount.