Medium5.3Red Hat Linux Updated
Information disclosure via DNS rebinding attack
CVE-2026-46611 Published Jun 25, 2026Updated by vendor Jun 25, 2026
Affected products & platforms
Red Hat LinuxUnclassified
Summary
Information disclosure via DNS rebinding attack. Red Hat rates this moderate (CVSS 5.3). Weakness: CWE-346.
Affected versions
- < 4.5.5
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Mitigation checklist
Recommended fix / mitigation
- The XML-RPC server is a legacy interface started via the -s or --server flags. To maintain remote monitoring functionality securely, operators should migrate to the actively maintained REST API by starting Glances with the -w or --webserver flag instead. The REST API component is protected against DNS rebinding attacks.
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.