CVE-2026-46607 in glances
Summary
by MITRE • 06/25/2026
Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, glances/outdated.py uses pickle.load() to read a version-check cache file stored at a predictable, world-accessible path (~/.cache/glances/glances-version.db or $XDG_CACHE_HOME/glances/glances-version.db). No integrity check, signature verification, or format validation is performed before deserialization. An attacker with write access to that path — through any of several realistic local or container-level scenarios — can plant a malicious pickle file and achieve arbitrary code execution as the OS user running Glances the next time it starts with version checking enabled (the default). This vulnerability is fixed in 4.5.5.
Analysis
by VulDB Data Team • 06/26/2026
The glances monitoring tool, in versions prior to 4.5.5, carries a critical vulnerability in its handling of the version-check cache file: the application reads that cache with pickle.load() from a predictable location inside the user's cache directory and performs no validation before deserializing it. The flaw stems from the fundamental insecurity of Python's pickle module when applied to data whose integrity has not been verified, which creates a pathway for arbitrary code execution on the host through a planted cache file.
The vulnerability relies on the predictable file path glances uses for the version cache, namely ~/.cache/glances/glances-version.db or the equivalent $XDG_CACHE_HOME/glances/glances-version.db. This deterministic location gives an adversary with write access to the path a window in which to replace the cache file before the next execution cycle. Because no integrity check, signature verification, or format validation is performed during deserialization, arbitrary pickle data is loaded and executed with the privileges of the user running the glances process. This is a classic deserialization vulnerability of the kind catalogued as CWE-502, deserialization of untrusted data.
The operational impact goes beyond simple privilege escalation to complete compromise of the affected account through arbitrary code execution. Write access to the cache directory can be obtained through various local or container-level scenarios, including but not limited to compromised containers, misconfigured file permissions, or insecure shared environments. Once a malicious pickle payload has been written to the cache file, any subsequent start of glances with version checking enabled (the default) triggers deserialization and executes the attacker's code in the context of the running user account. This vulnerability directly maps to attack techniques described in the MITRE ATT&CK framework under the initial access and privilege escalation domains, specifically targeting credential access through malicious file injection.
The remediation in glances version 4.5.5 removes the unsafe pickle deserialization pattern and adds proper validation of cache file content. This fix aligns with established practice for preventing deserialization attacks, particularly in Python applications where the pickle module is commonly misused on untrusted input. Organizations using glances should upgrade to version 4.5.5 or later immediately, and should also apply broader controls: restrictive file system permissions on cache directories, regular vulnerability scanning, and monitoring for unauthorized modifications to cache files. The fix illustrates how input validation and secure coding practices prevent common programming patterns from turning into arbitrary code execution vulnerabilities.
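The following is an added example, not code from Glances or from its 4.5.5 fix, that shows the vulnerable pattern the advisory describes (a cache loader built on pickle.load()) next to a hardened loader of the kind the remediation paragraph calls for: the cache is stored as plain JSON, written atomically with mode 0600, and on read the file is rejected if it is a symlink, not a regular file, not owned by the current user, group- or world-writable, oversized, not valid JSON, or not matching a strict schema. The file name, the two fields (version, checked_at) and the size cap are assumptions made for the example; the self-check at the end constructs its own temporary cache files.

```python
"""Added example: pickle-based cache loader (the vulnerable pattern) beside a
hardened JSON loader. Schema, file name and limits are assumptions, not the
real Glances layout."""
import json
import os
import pickle
import re
import stat
import tempfile

# Assumed cache schema: a semver-shaped version string and a UNIX timestamp.
_ALLOWED_KEYS = {"version", "checked_at"}
_VERSION_RE = re.compile(r"^\d+\.\d+\.\d+$")
_MAX_CACHE_BYTES = 4096  # a version record is tiny; refuse anything larger


def load_cache_unsafe(path):
    """Vulnerable pattern (the 'before'): pickle.load() on a file that anyone
    with write access to the cache directory controls. Unpickling untrusted
    bytes can execute code, so never use this on such a file."""
    with open(path, "rb") as fh:
        return pickle.load(fh)


def save_cache_safe(path, version, checked_at):
    """Write the cache as JSON via a private temp file and an atomic rename."""
    payload = json.dumps({"version": version, "checked_at": int(checked_at)})
    directory = os.path.dirname(path) or "."
    os.makedirs(directory, mode=0o700, exist_ok=True)
    fd, tmp = tempfile.mkstemp(dir=directory, prefix=".version.")  # created 0600
    try:
        with os.fdopen(fd, "w", encoding="utf-8") as fh:
            fh.write(payload)
        os.replace(tmp, path)  # atomic on POSIX: readers see old or new, never partial
    finally:
        if os.path.exists(tmp):
            os.unlink(tmp)


def load_cache_safe(path):
    """Hardened loader: returns the validated dict, or None when the cache is
    missing, has unsafe ownership/permissions, or is malformed. Cache content
    is parsed as data only; nothing in it is ever executed."""
    try:
        fd = os.open(path, os.O_RDONLY | getattr(os, "O_NOFOLLOW", 0))
    except OSError:
        return None  # missing, or a symlink planted in place of the file
    try:
        st = os.fstat(fd)
        if not stat.S_ISREG(st.st_mode):
            return None
        if hasattr(os, "getuid") and st.st_uid != os.getuid():
            return None  # someone else's file in our cache directory
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            return None  # others could have modified it
        if st.st_size > _MAX_CACHE_BYTES:
            return None
        raw = os.read(fd, st.st_size)
    finally:
        os.close(fd)
    try:
        data = json.loads(raw.decode("utf-8"))
    except (UnicodeDecodeError, ValueError):
        return None  # pickle bytes or any other non-JSON content land here
    if not isinstance(data, dict) or set(data) != _ALLOWED_KEYS:
        return None
    version, checked_at = data["version"], data["checked_at"]
    if not isinstance(version, str) or not _VERSION_RE.match(version):
        return None
    if isinstance(checked_at, bool) or not isinstance(checked_at, int):
        return None
    return data


def run_checks():
    """Exercise both loaders on constructed cache files in a temp directory."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "glances-version.db")  # assumed file name
        save_cache_safe(path, "4.5.5", 1750000000)
        results["valid"] = load_cache_safe(path)
        os.chmod(path, 0o666)
        results["world_writable"] = load_cache_safe(path)
        os.chmod(path, 0o600)
        with open(path, "wb") as fh:  # constructed: pickle bytes, harmless object
            pickle.dump({"version": "4.5.5"}, fh)
        results["pickle_format"] = load_cache_safe(path)
        results["unsafe_loads_pickle"] = load_cache_unsafe(path)
        with open(path, "w", encoding="utf-8") as fh:  # constructed: extra key
            fh.write('{"version": "4.5.5", "checked_at": 1, "extra": "x"}')
        results["extra_key"] = load_cache_safe(path)
        results["missing"] = load_cache_safe(os.path.join(d, "absent.db"))
    return results


if __name__ == "__main__":
    for name, value in run_checks().items():
        print(f"{name:>20}: {value}")
```

The contrast worth noting is that load_cache_unsafe happily returns an object from whatever bytes are in the file, whereas load_cache_safe treats the cache strictly as data and fails closed: a refused cache simply means the version check runs again, which is the correct outcome for a file any local writer can tamper with.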