[Git][security-tracker-team/security-tracker][master] Add two new glances issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Apr 3 09:52:56 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1c8794d7 by Salvatore Bonaccorso at 2026-04-03T10:48:43+02:00
Add two new glances issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -456,7 +456,9 @@ CVE-2026-33950 (Signal K Server is a server application that runs on a central h
 CVE-2026-33746 (Convoy is a KVM server management panel for hosting businesses. From v ...)
 	NOT-FOR-US: Convoy
 CVE-2026-33641 (Glances is an open-source system cross-platform monitoring tool. Prior ...)
-	TODO: check
+	- glances <unfixed>
+	NOTE: https://github.com/nicolargo/glances/security/advisories/GHSA-qhj7-v7h7-q4c7
+	NOTE: Fixed by: https://github.com/nicolargo/glances/commit/358d76a225fc21a9f95d2c4d7e46fafe64a644c6 (v4.5.3)
 CVE-2026-33617 (An unauthenticated remote attacker can access a configuration file con ...)
 	NOT-FOR-US: MB connect line GmbH
 CVE-2026-33616 (An unauthenticated remote attacker can exploit an unauthenticated blin ...)
@@ -470,7 +472,9 @@ CVE-2026-33613 (Due to the improper neutralisation of special elements used in a
 CVE-2026-33544 (Tinyauth is an authentication and authorization server. Prior to versi ...)
 	NOT-FOR-US: Tinyauth
 CVE-2026-33533 (Glances is an open-source system cross-platform monitoring tool. Prior ...)
-	TODO: check
+	- glances <unfixed>
+	NOTE: https://github.com/nicolargo/glances/security/advisories/GHSA-7p93-6934-f4q7
+	NOTE: Fixed by: https://github.com/nicolargo/glances/commit/dcb39c3f12b2a1eec708c58d22d7a1d62bdf5fa1 (v4.5.3)
 CVE-2026-33271 (Local privilege escalation due to insecure folder permissions. The fol ...)
 	NOT-FOR-US: Acronis
 CVE-2026-32871 (FastMCP is a Pythonic way to build MCP servers and clients. Prior to v ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c8794d7926a61796a9d2c929b51aaff81ddcbaf

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c8794d7926a61796a9d2c929b51aaff81ddcbaf
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260403/89097631/attachment.htm>

More information about the debian-security-tracker-commits mailing list