CVE-2026-32596 Common Vulnerabilities and Exposures

Upstream information

CVE-2026-32596 at MITRE

Description

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.2, Glances web server runs without authentication by default when started with `glances -w`, exposing REST API with sensitive system information including process command-lines containing credentials (passwords, API keys, tokens) to any network client. Version 4.5.2 fixes the issue.

SUSE information

Overall state of this security issue: Does not affect SUSE products

SUSE Bugzilla entry: 1260321 [RESOLVED / FIXED]

No SUSE Security Announcements cross referenced.

List of released packages

Product(s)	Fixed package version(s)	References
openSUSE Tumbleweed	`glances-common >= 4.5.2-1.1` `python311-Glances >= 4.5.2-1.1` `python313-Glances >= 4.5.2-1.1`	Patchnames: openSUSE-Tumbleweed-2026-10415

SUSE Timeline for this CVE

CVE page created: Wed Mar 18 08:00:15 2026
CVE page last modified: Fri May 8 12:08:53 2026