CVE-2026-46611 is a medium-severity security vulnerability in glances (pip), affecting versions < 4.5.5. It is fixed in 4.5.5.
Summary

The Glances XML-RPC server (glances -s, implemented in glances/server.py) does not validate the HTTP Host header, leaving it vulnerable to DNS rebinding attacks. CVE-2026-32632 (patched in 4.5.2) added TrustedHostMiddleware to the REST/WebUI server, and the MCP server has had equivalent protection since 4.5.1. The XML-RPC server received neither fix and has no allowed-hosts configuration key. Combined with the unrestricted Access-Control-Allow-Origin: * header (see the companion advisory for CVE-2026-33533 and its incomplete fix), an attacker can use DNS rebinding to exfiltrate the full system monitoring dataset through a victim's browser.

Details

Affected component: glances/server.py, GlancesXMLRPCHandler / GlancesXMLRPCServer
Direct URL (commit 04579778e733d705898a169e049dc84772c852da): https://github.com/nicolargo/glances/blob/04579778e733d705898a169e049dc84772c852da/glances/server.py
Contrast, patched backends:
https://github.com/nicolargo/glances/blob/04579778e733d705898a169e049dc84772c852da/glances/outputs/glancesrestfulapi.py
https://github.com/nicolargo/glances/blob/04579778e733d705898a169e049dc84772c852da/glances/outputs/glancesmcp.py

The GlancesXMLRPCHandler class inherits from Python's xmlrpc.server.SimpleXMLRPCRequestHandler and does not override parse_request() to inspect or validate the Host header. Contrast this with the two other Glances server backends, both of which received host-validation hardening:

REST / WebUI server (glances/outputs/glancesrestfulapi.py), patched in 4.5.2:
MCP server (glances/outputs/glancesmcp.py), protected since 4.5.1:
XML-RPC server (glances/server.py), no equivalent exists:

There is no xmlrpc_allowed_hosts (or equivalent) configuration key in glances.conf, and the server ignores the Host header on every incoming request.

Confirmed on: x86_64 Linux, Python 3.13, Glances 4.5.5dev1 (commit 04579778e733d705898a169e049dc84772c852da).
Test results:

| Server type | Host header          | HTTP status     | Data returned   |
|-------------|----------------------|-----------------|-----------------|
| XML-RPC     | attacker.example.com | 200 OK          | Yes, VULNERABLE |
| XML-RPC     | 127.0.0.1:61209      | 200 OK          | Yes (baseline)  |
| REST API    | attacker.example.com | 400 Bad Request | No, patched     |

PoC

Attack overview

DNS rebinding sidesteps the browser's Same-Origin Policy, which is keyed on host name rather than IP address, by making attacker.example.com temporarily resolve to the target's IP address (e.g. 127.0.0.1). From that point the victim's browser treats the attacker's page as same-origin with http://attacker.example.com:61209/RPC2 and forwards the attacker-controlled Host header to the local Glances XML-RPC server, which accepts it without validation.

Special configuration required

No special glances.conf settings are needed; the vulnerability is present in a default Glances XML-RPC server start (glances -s). For the comparison test (Step 3) the REST server must also be started, which requires Glances to be installed with its web dependencies (pip install "glances[web]").

Step 1, Start the Glances XML-RPC server

Step 2, Confirm the server accepts an arbitrary Host header

Expected result (secure): HTTP/1.0 400 Bad Request
Actual result: HTTP/1.0 200 OK with full XML-RPC response body.

Step 3, Confirm the REST API is patched (comparison)

Step 4, Full DNS rebinding exploitation (real-world path)

Attacker registers attacker.example.com with a low-TTL (1 second) DNS record initially pointing to their own server IP.
Attacker serves the following page from http://attacker.example.com:
Victim visits http://attacker.example.com in their browser.
After TTL expiry, the attacker's DNS server responds with 127.0.0.1.
The browser's fetch() call is sent to 127.0.0.1:61209 with Host: attacker.example.com; the XML-RPC server accepts it.
The Access-Control-Allow-Origin: * header (see companion advisory) allows the browser to read the response body.
The attacker receives the complete system monitoring snapshot.

Tools that simplify DNS rebinding for research/testing include Singularity and rbndr.us.

Step 5, Confirm absence of Host check in source

Impact

Vulnerability type: Insufficient Verification of Data Authenticity / DNS Rebinding (CWE-350)

Who is impacted: any user whose browser can reach a Glances XML-RPC server and who can be lured to an attacker-controlled web page. This includes deployments where:
- Glances is bound to 127.0.0.1 (loopback): DNS rebinding bypasses the loopback restriction, because the request originates from the victim's own browser.
- Glances is bound to a LAN IP: any browser on that LAN is at risk.
- Glances is exposed on a public IP: any browser on the internet is at risk.

Data exposed through the XML-RPC API includes: hostname, OS and kernel version, full process list with command-line arguments (frequently containing API keys, database passwords, and access tokens passed as environment variables or CLI flags), CPU/memory/disk/network statistics, open file descriptors, listening ports, and Docker/Kubernetes container metadata.

Impact:
Confidentiality: High, complete system monitoring data readable remotely without credentials.
Integrity: None, read-only XML-RPC API.
Availability: None, no denial-of-service component.

The attack is amplified by the companion CORS wildcard issue (vuln03): in the attack path above, without Access-Control-Allow-Origin: * the browser would still block the response read. Both issues must be fixed together for effective remediation. Note that the CORS fix alone would not be sufficient: an attacker who serves the lure page on port 61209 makes the rebound request same-origin, so the browser reads the response with no CORS header at all. Only the Host check stops rebinding at the server.

Suggested Fix

Option 1, Add Host validation to the XML-RPC handler (preferred)

Read an allowed-hosts list from configuration (the existing webui_allowed_hosts key, or a new xmlrpc_allowed_hosts key) and validate the Host header in GlancesXMLRPCHandler:

Populating allowed_hosts from the existing webui_allowed_hosts config key (already used by the REST server) gives operators a single knob.

Option 2, Deprecate and remove the XML-RPC server

The XML-RPC server is a legacy interface.
The REST API (glances -w) provides a superset of its functionality, is actively maintained, and has all current security controls. Deprecating the XML-RPC server in the next major release and directing users to the REST API would eliminate this attack surface entirely.

Responsible Disclosure

The AFINE Team is committed to responsible / coordinated disclosure. The AFINE Team will not publish details of this vulnerability or release exploit code publicly until a fix has been released, or 90 days have elapsed from the date of this report, whichever comes first.

Credits

This issue was identified by Michał Majchrowicz and Marcin Wyczechowski, members of the AFINE Team.
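The Step 2 probe and the Option 1 Host check, shown together as an added example. This is not code from the advisory or from Glances: it builds a minimal xmlrpc.server-based service on an ephemeral loopback port as a stand-in for glances -s, overrides parse_request() so that requests whose Host header is not in an allowed list get a 400 before any method is dispatched, and then probes both the stock handler and the hardened one with an attacker-chosen Host header. The allowed_hosts tuple, the helper names, and the wildcard rule (a pattern starting with "*." matches subdomains only, the same rule TrustedHostMiddleware applies) are assumptions of this example, not Glances configuration.

```python
"""Host-header validation for a SimpleXMLRPCServer, with a probe to exercise it.

Added example: a stand-in for a glances -s style XML-RPC server, not Glances code.
"""
import http.client
import threading
import xmlrpc.client
from xmlrpc.server import SimpleXMLRPCRequestHandler, SimpleXMLRPCServer


def _strip_port(host):
    """Return the host part of a Host header value, with any port removed."""
    if host.startswith("["):                # bracketed IPv6 literal, e.g. [::1]:61209
        end = host.find("]")
        return host[1:end] if end != -1 else ""
    if host.count(":") == 1:                # host name or IPv4 literal with a port
        return host.split(":", 1)[0]
    return host                             # no port present


def host_allowed(host_header, allowed_hosts):
    """True if the Host header names an allowed host.

    Patterns: an exact host name or IP literal, "*" (allow everything), or
    "*.example.com" (subdomains of example.com, but not example.com itself).
    A missing or empty Host header is rejected.
    """
    if not host_header:
        return False
    host = _strip_port(host_header.strip().lower())
    if not host:
        return False
    for pattern in allowed_hosts:
        pattern = pattern.lower()
        if pattern == "*" or pattern == host:
            return True
        if pattern.startswith("*.") and host.endswith(pattern[1:]):
            return True
    return False


class HostCheckingXMLRPCHandler(SimpleXMLRPCRequestHandler):
    """Request handler that refuses requests carrying an unexpected Host header.

    allowed_hosts is a hypothetical setting for this example; in a real server it
    would be read from configuration.
    """
    allowed_hosts = ("localhost", "127.0.0.1", "::1")

    def parse_request(self):
        # Let the base class parse the request line and headers first.
        if not super().parse_request():
            return False
        if not host_allowed(self.headers.get("Host"), self.allowed_hosts):
            # Same outcome the patched REST server gives a bad Host: 400, nothing served.
            self.send_error(400, "Invalid Host header")
            return False
        return True


def start_server(handler_class):
    """Start an XML-RPC server on an ephemeral loopback port in a daemon thread."""
    server = SimpleXMLRPCServer(("127.0.0.1", 0), requestHandler=handler_class,
                                logRequests=False)
    server.register_introspection_functions()   # provides system.listMethods
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, server.server_address[1]


def probe(port, host_header, path="/RPC2"):
    """POST a system.listMethods call with a chosen Host header; return the HTTP status."""
    body = xmlrpc.client.dumps((), methodname="system.listMethods").encode()
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    conn.putrequest("POST", path, skip_host=True)   # we supply Host ourselves
    conn.putheader("Host", host_header)
    conn.putheader("Content-Type", "text/xml")
    conn.putheader("Content-Length", str(len(body)))
    conn.endheaders(body)
    response = conn.getresponse()
    response.read()
    conn.close()
    return response.status


def compare(host_header="attacker.example.com"):
    """Probe the stock handler and the hardened one with the same Host header."""
    results = {}
    for label, handler in (("stock", SimpleXMLRPCRequestHandler),
                           ("hardened", HostCheckingXMLRPCHandler)):
        server, port = start_server(handler)
        try:
            results[label] = probe(port, host_header)
        finally:
            server.shutdown()
            server.server_close()
    return results


if __name__ == "__main__":
    print(compare("attacker.example.com"))  # {'stock': 200, 'hardened': 400}
    print(compare("127.0.0.1:61209"))       # {'stock': 200, 'hardened': 200}
```

The stock handler answers the rebound request with 200 and a full response body, which is the Step 2 result the advisory reports; the hardened handler rejects it with 400 while still serving a client whose Host header names the loopback address, port included. Doing the check in parse_request() means the rejection happens before do_POST() and before any XML is parsed, so no method runs for a request that fails the check.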
CVE-2026-46611 has a CVSS score of 5.3 (Medium). The vector is network-based, requires no privileges, and requires user interaction (the victim must visit the attacker's page). A CVSS score reflects the worst-case severity of the vulnerability, not your specific exposure. Whether this affects your application depends on whether the vulnerable code is present and reachable in your environment.
A fixed version is available (4.5.5). Upgrading removes the vulnerable code path. For this issue the vulnerable path is active whenever Glances runs as an XML-RPC server (glances -s); installations that use only the curses UI or the REST/WebUI server (glances -w, which already validates the Host header) do not expose it.
Affected package (pip): glances < 4.5.5. Fix: upgrade glances to 4.5.5.

Severity tells you how bad this could be in the worst case. It does not tell you whether you are exposed. Exploitability and impact are functions of runtime truth: whether the vulnerable code is present, reachable, and actually executes in your application. A vulnerable package can sit in your dependency tree and never run.
Kodem, an Intelligent Application Security platform, uses runtime intelligence to reveal which vulnerabilities actually execute in production, so teams prioritize the ones that genuinely matter instead of chasing every advisory.
Kodem's runtime-powered SCA identifies whether CVE-2026-46611 is reachable in your applications.
Upgrade glances to 4.5.5 or later to resolve this vulnerability.
Kodem Kai can prioritize this vulnerability in your dependency tree and generate a fix recommendation.
CVE-2026-46611 has a CVSS score of 5.3 (Medium). This score reflects the worst-case severity of the vulnerability, not your specific exposure. Whether it represents real risk in your environment depends on whether the vulnerable code is present and reachable.
glances (pip) versions < 4.5.5 are affected.
Yes. CVE-2026-46611 is fixed in 4.5.5. Upgrade to this version or later.
Whether CVE-2026-46611 is exploitable in your environment depends on whether the vulnerable code is present and reachable. A CVSS score is a worst-case rating; it does not account for your specific deployment, configuration, or usage patterns. Kodem, an Intelligent Application Security platform, uses runtime intelligence to show which vulnerabilities actually execute in production, so you can focus on the ones that represent real risk.
Upgrade glances to 4.5.5 or later.