Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

327 New today
65,672 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
376
Jun 25
9
Jun 26
Critical
High
Medium
Low
Latest
CVE CVSS 7.8

Glances: Arbitrary file write and command execution via `secure_popen` redirection and chaining operators in AMP command configuration_CVE-2026-53925

Glances is an open-source system cross-platform monitoring tool. From 4.0.8 until 4.5.5, the secure_popen() function in glances/secure.py interprets > (file redirection), | (pipe), and && (command chaining) operators in command strings. These operators are applied without any ...

CVE-2026-53925 nicolargo glances >= 4.0.8, < 4.5.5
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 5.3 CVE-2026-46611

Glances: XML-RPC Server Missing Host Header Validation Enables DNS Rebinding Attack_CVE-2026-46611

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, the Glances XML-RPC server (glances -s, implemented in glances/ser...

nicolargo glances < 4.5.5 CVE
HIGH 7.4 CVE-2026-46608

Glances: XML-RPC Multi-Origin CORS Configuration Silently Falls Back to Wildcard (Incomplete Fix for CVE-2026-33533)_CVE-2026-46608

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, the Glances XML-RPC server (glances -s) introduced a configurable ...

nicolargo glances < 4.5.5 CVE
HIGH 7.8 CVE-2026-46607

Glances: Insecure Pickle Deserialization in Version Cache Leads to Arbitrary Code Execution_CVE-2026-46607

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, glances/outdated.py uses pickle.load() to read a version-check cac...

nicolargo glances < 4.5.5 CVE
HIGH 7.8 CVE-2026-46606

Glances: Command Injection via KVM/QEMU VM Domain Names in glances/plugins/vms/engines/virsh.py_CVE-2026-46606

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, the Glances KVM/QEMU monitoring engine (glances/plugins/vms/engine...

nicolargo glances < 4.5.5 CVE
HIGH 8.4 CVE-2026-12921

Use after free in AzeoTech DAQFactory_CVE-2026-12921

In AzeoTech DAQFactory versions 21.1 and prior, a Use After Free vulnerability can be exploited by an attacker using specially crafted .ctl files w...

AzeoTech DAQFactory CVE
HIGH 8.4 CVE-2026-12897

Out-of-bounds read in Horner Automation Cscape_CVE-2026-12897

Horner Automation Cscape versions prior to 10.2 SP3 are vulnerable to an Out-of-Bounds Read vulnerability through parsing CSP files. Successful exp...

Horner Automation Cscape CVE
NONE A34DF1A1-2F25-

pentest-agent-vs-llm-benchmark-effectiveness_A34DF1A1-2F25-5439-9D41-0DCBBBB34A45

Backbone or Backbone-Architecture? A controlled study of LLM agents on web-penetration-testing CTFs. The scaffold around the model often decides mo...

N/A N/A GITHUBEXPLOIT
HIGH 8.5 BD307E81-25CC-

Exploit for OS Command Injection in Tp-Link Tl-Wr802N_Firmware_BD307E81-25CC-59FA-B6D0-3D9C36E25857

CVE-2026-3227: TP-Link Router OS Command Injection For more Information see https://vulners.com/cve/CVE-2026-3227 A persistent, authenticated OS Co...

N/A N/A GITHUBEXPLOIT
HIGH 8.8 A8E5D800-F075-

Exploit for Path Traversal in Gogs_A8E5D800-F075-509D-A604-E092148C4F7B

CVE-2025-8110 Gogs Repository Symlink Remote Code Execution Made by oguiii --- Table of Contents - Overview - Features - Requirements - Installatio...

N/A N/A GITHUBEXPLOIT