Description
Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, glances/outdated.py uses pickle.load() to read a version-check cache file stored at a predictable, world-accessible path (~/.cache/glances/glances-version.db or $XDG_CACHE_HOME/glances/glances-version.db). No integrity check, signature verification, or format validation is performed before deserialization. An attacker with write access to that path — through any of several realistic local or container-level scenarios — can plant a malicious pickle file and achieve arbitrary code execution as the OS user running Glances the next time it starts with version checking enabled (the default). This vulnerability is fixed in 4.5.5.
Published: 2026-06-25
Score: 7.8 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Glances, a cross‑platform monitoring utility, deserializes its version‑check cache with Python's pickle without any integrity check, signature or format validation, and the cache file sits at a predictable path (~/.cache/glances/glances-version.db, or the equivalent under $XDG_CACHE_HOME) that other local principals may be able to write. An attacker who can write that file can plant a crafted pickle that executes arbitrary code the next time Glances starts with version checking enabled, which is the default. The flaw is CWE‑502 (Deserialization of Untrusted Data) and gives full code execution as the OS user that runs the utility.
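The unsafe cache pattern described above, beside a hardened replacement, as an added example: this is not Glances' own code (which the page does not reproduce). It assumes a POSIX host (os.getuid, O_NOFOLLOW), uses a made-up JSON record layout ({"latest_version", "timestamp"}) and a scratch directory standing in for the real cache path, and the planted pickle's payload is a harmless os.mkdir so the effect of mere deserialization is observable without shelling out.

```python
"""Added example, not Glances' own code: the CWE-502 cache pattern the
advisory describes, next to a hardened JSON-based replacement.
Assumes POSIX; the record layout and file names are made up."""
import json
import os
import pickle
import re
import stat
import tempfile

VERSION_RE = re.compile(r"\d+\.\d+\.\d+\Z")  # assumption: x.y.z tags only
MAX_RECORD_BYTES = 4096                        # a version record is tiny


class PlantedEntry:
    """What an attacker writes to the cache. Unpickling it builds no
    object at all: it calls os.mkdir(marker), standing in for any
    callable (os.system, subprocess.call, ...) the attacker prefers."""

    def __init__(self, marker):
        self.marker = marker

    def __reduce__(self):
        return (os.mkdir, (self.marker,))


def load_cache_unsafe(path):
    """Pre-4.5.5 shape: whatever callables the file names get executed."""
    with open(path, "rb") as f:
        return pickle.load(f)


def load_cache_safe(path):
    """Return (latest_version, timestamp) or None. Never executes the file:
    plain JSON with a strict schema, read from a regular file that we own
    and that nobody else can write."""
    try:
        fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)  # no symlink games
    except OSError:
        return None
    with os.fdopen(fd, "rb") as f:
        st = os.fstat(f.fileno())
        if not stat.S_ISREG(st.st_mode) or st.st_uid != os.getuid():
            return None
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            return None  # someone else could have tampered with it
        raw = f.read(MAX_RECORD_BYTES + 1)
    if len(raw) > MAX_RECORD_BYTES:
        return None
    try:
        obj = json.loads(raw.decode("utf-8"))
    except (UnicodeDecodeError, ValueError):
        return None
    if not isinstance(obj, dict):
        return None
    version, ts = obj.get("latest_version"), obj.get("timestamp")
    if not (isinstance(version, str) and VERSION_RE.match(version)):
        return None
    if isinstance(ts, bool) or not isinstance(ts, (int, float)):
        return None
    return version, ts


def write_cache_safe(path, version, ts):
    """Atomic write, mode 0600, inside a 0700 directory, so the reader's
    ownership and permission checks hold for files we wrote ourselves."""
    d = os.path.dirname(path)
    os.makedirs(d, mode=0o700, exist_ok=True)
    fd, tmp = tempfile.mkstemp(dir=d)  # mkstemp creates the file 0600
    try:
        with os.fdopen(fd, "w") as f:
            json.dump({"latest_version": version, "timestamp": ts}, f)
        os.replace(tmp, path)          # atomic rename on POSIX
    except BaseException:
        os.unlink(tmp)
        raise


def demo():
    """Exercise both loaders in a scratch directory; returns the outcomes."""
    with tempfile.TemporaryDirectory() as root:
        path = os.path.join(root, "glances", "glances-version.db")
        marker = os.path.join(root, "code-ran-here")
        os.makedirs(os.path.dirname(path))
        # 1. Attacker plants a pickle at the predictable path.
        with open(path, "wb") as f:
            pickle.dump(PlantedEntry(marker), f)
        load_cache_unsafe(path)                 # runs os.mkdir(marker)
        unsafe_executed = os.path.isdir(marker)
        safe_on_pickle = load_cache_safe(path)  # not JSON -> None
        # 2. Genuine record left group/world-writable: also refused.
        write_cache_safe(path, "4.5.5", 1750000000)
        os.chmod(path, 0o666)
        safe_on_loose = load_cache_safe(path)
        # 3. Same record with the intended permissions.
        os.chmod(path, 0o600)
        safe_on_good = load_cache_safe(path)
    return {"unsafe_executed": unsafe_executed, "safe_on_pickle": safe_on_pickle,
            "safe_on_loose": safe_on_loose, "safe_on_good": safe_on_good}


if __name__ == "__main__":
    print(demo())
```

The point of the hardened loader is that the file format can no longer carry code (JSON has no constructor hook), and that even a well-formed record is discarded when the file's owner or mode shows another principal could have written it. The permission checks are defence in depth; switching away from pickle is the actual fix.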

Affected Systems

The flaw exists in all releases of Glances (nicolargo/glances) older than 4.5.5. The cache file lives at ~/.cache/glances/glances-version.db, or $XDG_CACHE_HOME/glances/glances-version.db when XDG_CACHE_HOME is set, so any installation where another local principal can write to that path – a shared host, a container with a bind‑mounted or shared home or cache directory, or a cache directory with loose permissions – is exposed.

Risk and Exploitability

The vulnerability carries a CVSS v3.1 score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H): local access with low privileges and no user interaction, with full impact on confidentiality, integrity and availability. EPSS data is not available and the issue is not listed in the CISA KEV catalog; the SSVC assessment records a proof of concept (Exploitation: poc) with total technical impact but marks it as not automatable. Exploitation is straightforward for anyone who can write the cache file: the trigger is simply the next start of Glances with version checking enabled, which is the default. The attacker then runs code as the OS user running Glances, which amounts to privilege escalation whenever that user has more rights than the attacker, and to persistence in any case, since the payload fires on every start until the file is removed.

Generated by OpenCVE AI on June 25, 2026 at 19:50 UTC.

Remediation

The advisory description states that the issue is fixed in Glances 4.5.5; no separate vendor workaround is listed.

OpenCVE Recommended Actions

  • Upgrade Glances to version 4.5.5 or later to eliminate the insecure pickle handling.
  • Delete any existing glances‑version.db cache file so that an already planted payload is not loaded; it is only a cache of the version check.
  • Restrict write permissions on the cache directory (for example, owned by the user that runs Glances with mode 0700), or point XDG_CACHE_HOME at a directory only that user can write; in containers, avoid bind‑mounting a shared or host‑writable cache directory.
  • If an upgrade cannot be performed immediately, disable the online version check when launching Glances (current releases document --disable-check-update for this; confirm the exact option with glances --help for the installed version).

Tracking


Advisories
Source | ID | Title
Github GHSA | GHSA-9837-48hr-q32j | Glances has Insecure Pickle Deserialization in its Version Cache that Leads to Arbitrary Code Execution
History

Thu, 25 Jun 2026 21:30:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Nicolargo; Nicolargo glances
Vendors & Products | | Nicolargo; Nicolargo glances

Thu, 25 Jun 2026 19:30:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 25 Jun 2026 18:30:00 +0000

Type | Values Removed | Values Added
Description | | Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, glances/outdated.py uses pickle.load() to read a version-check cache file stored at a predictable, world-accessible path (~/.cache/glances/glances-version.db or $XDG_CACHE_HOME/glances/glances-version.db). No integrity check, signature verification, or format validation is performed before deserialization. An attacker with write access to that path — through any of several realistic local or container-level scenarios — can plant a malicious pickle file and achieve arbitrary code execution as the OS user running Glances the next time it starts with version checking enabled (the default). This vulnerability is fixed in 4.5.5.
Title | | Glances: Insecure Pickle Deserialization in Version Cache Leads to Arbitrary Code Execution
Weaknesses | | CWE-502
References | |
Metrics | | cvssV3_1: {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-25T18:49:32.136Z

Reserved: 2026-05-15T19:34:14.011Z

Link: CVE-2026-46607

Vulnrichment

Updated: 2026-06-25T18:48:55.642Z

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-25T21:15:05Z

Weaknesses
  • CWE-502

    Deserialization of Untrusted Data