nicolargo

Top products

The 15 most recently published vulnerabilities affecting nicolargo.

• CVE-2026-35588Glances has CQL Injection in its Cassandra Export Module via Unsanitized Config Values6.3Apr 20, 2026
• CVE-2026-35587Glances IP Plugin has SSRF via public_api that leads to credential leakage8.8Apr 20, 2026
• CVE-2026-34839Glances Vulnerable to Cross-Origin Information Disclosure via Unauthenticated REST API (/api/4) due to Permissive CORS6.5Apr 20, 2026
• CVE-2026-33641Glances Vulnerable to Command Injection via Dynamic Configuration Values7.8Apr 2, 2026
• CVE-2026-33533Glances Vulnerable to Cross-Origin System Information Disclosure via XML-RPC Server CORS Wildcard6.5Apr 2, 2026
• CVE-2026-32634Glances Central Browser Autodiscovery Leaks Reusable Credentials to Zeroconf-Spoofed Servers8.1Mar 18, 2026
• CVE-2026-32633Glances's Browser API Exposes Reusable Downstream Credentials via `/api/4/serverslist`9.1Mar 18, 2026
• CVE-2026-32632Glances's REST/WebUI Lacks Host Validation and Remains Exposed to DNS Rebinding5.9Mar 18, 2026
• CVE-2026-32611Glances has a SQL Injection in DuckDB Export via Unparameterized DDL Statements7.0Mar 18, 2026
• CVE-2026-32610Glances's Default CORS Configuration Allows Cross-Origin Credential Theft8.1Mar 18, 2026
• CVE-2026-32609Glances has Incomplete Secrets Redaction: /api/v4/args Endpoint Leaks Password Hash and SNMP Credentials7.5Mar 18, 2026
• CVE-2026-32608Glances has a Command Injection via Process Names in Action Command Templates7.0Mar 18, 2026
• CVE-2026-32596Glances exposes the REST API without authentication7.5Mar 18, 2026
• CVE-2026-30930Glances has SQL Injection via Process Names in TimescaleDB Export9.8Mar 10, 2026
• CVE-2026-30928Glances Exposes Unauthenticated Configuration Secrets7.5Mar 10, 2026