29 matches found
CVE-2026-43891 changedetection.io: Arbitrary Local File Read via crafted backup restore
changedetection.io is a free open source web page change detection tool. Prior to 0.55.1, the vulnerability is caused by trusting attacker-controlled snapshot paths restored from backup files. The vulnerable flow starts in the backup restore logic. When a backup ZIP is restored, the application...
GHSA-V7CP-2CX9-X793 changedetection.io project has an XXE vulnerability
changedetection.ioXXE01 Vulnerability Report: We discovered an XXE vulnerability in the changedetection.io project. While analyzing the code logic, it was determined that an area may lead to unintended behavior under specific conditions. With the project's security in mind, see the analysis results...
PT-2026-37163
Name of the Vulnerable Software and Affected Versions: changedetection.io versions 0.54.9 and earlier. Description: The software contains an XML External Entity (XXE) issue where the xpath filter function switches to XML mode for XML/RSS content and creates an etree.XMLParser(strip_cdata=False) without...
CVE-2026-35490
changedetection.io is a free open source web page change detection tool. Prior to 0.54.8, the @login_optionally_required decorator is placed before (outer to) @blueprint.route instead of after it. In Flask, @route must be the outermost decorator because it registers the function it receives. When the...
PYSEC-2026-28
changedetection.io is a free open source web page change detection tool. Prior to 0.54.8, the @login_optionally_required decorator is placed before (outer to) @blueprint.route instead of after it. In Flask, @route must be the outermost decorator because it registers the function it receives. When the...
CVE-2026-35490 changedetection.io has an Authentication Bypass via Decorator Ordering
changedetection.io is a free open source web page change detection tool. Prior to 0.54.8, the @login_optionally_required decorator is placed before (outer to) @blueprint.route instead of after it. In Flask, @route must be the outermost decorator because it registers the function it receives. When the...
changedetection.io Security Vulnerability
changedetection.io is a website change detection, monitoring, and notification application developed by dgtlmoon. Versions of changedetection.io prior to 0.54.8 contained a security vulnerability. This vulnerability occurred because the @login_optionally_required decorator was placed before...
Incorrect Authorization
Overview: changedetection.io is a website change detection and monitoring service. Affected versions of this package are vulnerable to Incorrect Authorization due to improper decorator ordering in route registration. An attacker can gain unauthorized access to sensitive backup files, exfiltrate...
changedetection.io Information Disclosure Vulnerability
changedetection.io is a website-based application developed by dgtlmoon, designed for change detection, monitoring, and notification. Versions of changedetection.io prior to 0.54.7 contained a vulnerability related to information leakage. This vulnerability stemmed from the use of filter...
CVE-2026-29039 changedetection.io: XPath - Arbitrary File Read via unparsed-text()
changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, the changedetection.io application allows users to specify XPath expressions as content filters via the include_filters field. These XPath expressions are processed using the elementpath library, which...
changedetection.io Path Traversal Vulnerability
changedetection.io is a website-based application developed by dgtlmoon, designed for change detection, monitoring, and notification. Versions of changedetection.io prior to 0.54.4 contained a path traversal vulnerability. This vulnerability stemmed from an arbitrary file overwrite vulnerability ...
changedetection.io Cross-Site Scripting Vulnerability
changedetection.io is a website change detection, monitoring, and notification application developed by dgtlmoon. Versions of changedetection.io prior to 0.54.4 contained a cross-site scripting vulnerability. This vulnerability stemmed from the tag_uuid path parameter in the /rss/tag/ endpoint bei...
changedetection.io has Reflected XSS in its RSS Tag Error Response
A reflected cross-site scripting (XSS) vulnerability was identified in the /rss/tag/ endpoint of changedetection.io. The tag_uuid path parameter is reflected directly in the HTTP response body without HTML escaping. Since Flask returns text/html by default for plain string responses, the browser...
CVE-2026-27645
changedetection.io is a free open source web page change detection tool. In versions prior to 0.54.1, the RSS single-watch endpoint reflects the UUID path parameter directly in the HTTP response body without HTML escaping. Since Flask returns text/html by default for plain string responses, the...
GHSA-3C45-4PJ5-CH7M changedetection.io is Vulnerable to SSRF via Watch URLs
Summary: changedetection.io is vulnerable to Server-Side Request Forgery (SSRF) because the URL validation function is_safe_valid_url does not validate the resolved IP address of watch URLs against private, loopback, or link-local address ranges. An authenticated user (or any user when no password is...
Server-side Request Forgery (SSRF)
Overview: changedetection.io is a website change detection and monitoring service. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the is_safe_valid_url function. An attacker can access internal network resources and exfiltrate sensitive data by submitting...
CVE-2026-27696
CVE-2026-27696 affects changedetection.io prior to 0.54.1. The SSRF vulnerability arises because is_safe_valid_url() does not validate the resolved IP against private, loopback, or link-local ranges, allowing an authenticated user (or any user when no password is configured by default) to add wat...
CVE-2026-27645 changedetection.io Vulnerable to Reflected XSS in RSS Single Watch Error Response
changedetection.io is a free open source web page change detection tool. In versions prior to 0.54.1, the RSS single-watch endpoint reflects the UUID path parameter directly in the HTTP response body without HTML escaping. Since Flask returns text/html by default for plain string responses, the...
CVE-2026-25527 changedetection.io vulnerable to unauthenticated static path traversal
changedetection.io is a free open source web page change detection tool. In versions prior to 0.53.2, the /static// route accepts group="..", which causes send_from_directory("static/..", filename) to execute. This moves the base directory up to /app/changedetectionio, enabling unauthenticated local...
CVE-2026-25527
Changedetection.io versions prior to 0.53.2 are vulnerable to unauthenticated local file read via path traversal in the /static// route when group=".." is supplied, potentially exposing source files (e.g., flask_app.py). Root cause: send_from_directory("static/..", filename) can escape the app di...