The Cassandra export module (glances/exports/glances_cassandra/__init__.py) interpolates keyspace, table, and replication_factor configuration values directly into CQL statements without validation. A user with write access to glances.conf can redirect all monitoring data to an attacker-controlled Cassandra keyspace.
# Line 80
f"CREATE KEYSPACE {self.keyspace} WITH "
f"replication = {{ 'class': 'SimpleStrategy', 'replication_factor': '{self.replication_factor}' }}"
# Line 94
f"CREATE TABLE {self.table} (plugin text, time timeuuid, stat map<text,float>, PRIMARY KEY (plugin, time)) WITH CLUSTERING ORDER BY (time DESC)"
# Line 112
stmt = f"INSERT INTO {self.table} (plugin, time, stat) VALUES (?, ?, ?)"
glances.conf with malicious table value:[cassandra]
host = 127.0.0.1
port = 9042
keyspace = glances
table = attacker_ks.captured_stats
glances --export cassandraattacker_ks.captured_stats instead of the legitimate tableConfirmed output:
INSERT stmt: INSERT INTO attacker_ks.captured_stats (plugin, time, stat) VALUES (?, ?, ?)
Legitimate table row count: 0
Attacker table row count: 1
[CONFIRMED] plugin=cpu, stat={'user': 50.0}
All exported monitoring data (CPU, memory, network, disk I/O) is silently redirected to an attacker-controlled Cassandra keyspace — both data exfiltration and data loss.
import re
def _validate_cql_identifier(name: str) -> str:
if not re.match(r'^[a-zA-Z_][a-zA-Z0-9_.]*$', name):
raise ValueError(f"Invalid CQL identifier: {name!r}")
return name
# In __init__(): validate before use
self.keyspace = _validate_cql_identifier(self.keyspace)
self.table = _validate_cql_identifier(self.table)

| Score | Percentile |
|---|---|
| 0.01% | 0.63% |
| Base score | Version | Severity | Vector |
|---|---|---|---|
| 6.3 | 3.1 | — |
|
| Type | Value |
|---|---|
| GHSA | GHSA-grp3-h8m8-45p7 ↗ |
| CVE | CVE-2026-35588 ↗ |
| CWE id | Name |
|---|---|
| CWE-89 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') |
Vulnerable version ranges and first patched releases as published by GitHub.
| Ecosystem | Package | Vulnerable range | First patched | Vulnerable functions |
|---|---|---|---|---|
| pip | glances | < 4.5.4 | 4.5.4 | — |