A vulnerability was found in nicolargo glances up to 4.5.2 and classified as critical . This affects the function Config.get_value of the component Configuration File Handler . Such manipulation leads to os command injection. This vulnerability is referenced as CVE-2026-33641 . The attack can only be performed from a local environment. No exploit is available. It is suggested to upgrade the affected component.