Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2026/03/07 7:59 a.m.5 views

CVE-2026-29039

changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, the changedetection.io application allows users to specify XPath expressions as content filters via the includefilters field. These XPath expressions are processed using the elementpath library which...

9.3CVSS5.8AI score0.00484EPSS
Exploits1References1
NVD
NVD
added 2026/03/06 7:16 a.m.8 views

CVE-2026-29039

changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, the changedetection.io application allows users to specify XPath expressions as content filters via the includefilters field. These XPath expressions are processed using the elementpath library which...

9.3CVSS0.00484EPSS
Exploits1References3
OSV
OSV
added 2026/03/06 6:54 a.m.8 views

CVE-2026-29039 changedetection.io: XPath - Arbitrary File Read via unparsed-text()

changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, the changedetection.io application allows users to specify XPath expressions as content filters via the includefilters field. These XPath expressions are processed using the elementpath library which...

9.3CVSS5.8AI score0.00484EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/06 6:54 a.m.9 views

CVE-2026-29039 changedetection.io: XPath - Arbitrary File Read via unparsed-text()

changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, the changedetection.io application allows users to specify XPath expressions as content filters via the includefilters field. These XPath expressions are processed using the elementpath library which...

9.3CVSS5.8AI score0.00484EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/06 6:54 a.m.8 views

CVE-2026-29039

changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, the changedetection.io application allows users to specify XPath expressions as content filters via the includefilters field. These XPath expressions are processed using the elementpath library which...

9.3CVSS5.8AI score0.00484EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/03/06 6:54 a.m.18 views

CVE-2026-29039

Changedetection.io prior to 0.54.4 is vulnerable to an Arbitrary File Read via XPath in include_filters, where unparsed-text() can read files accessible to the application. Affected component is the XPath-based content filter processing using the elementpath parser. Impact includes reading sensit...

9.3CVSS6AI score0.00484EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/03/06 6:54 a.m.36 views

CVE-2026-29039 changedetection.io: XPath - Arbitrary File Read via unparsed-text()

changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, the changedetection.io application allows users to specify XPath expressions as content filters via the includefilters field. These XPath expressions are processed using the elementpath library which...

9.3CVSS0.00484EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/03/04 8:59 p.m.8 views

changedetection.io vulnerable to XPath - Arbitrary File Read via unparsed-text()

Summary - The changedetection.io application allows users to specify XPath expressions as content filters via the includefilters field. These XPath expressions are processed using the elementpath library which implements XPath 3.0/3.1 specification. - XPath 3.0 includes the unparsed-text function...

9.3CVSS6AI score0.00484EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2026/03/04 8:59 p.m.1 views

GHSA-6FMW-82M7-JQ6P changedetection.io vulnerable to XPath - Arbitrary File Read via unparsed-text()

Summary - The changedetection.io application allows users to specify XPath expressions as content filters via the includefilters field. These XPath expressions are processed using the elementpath library which implements XPath 3.0/3.1 specification. - XPath 3.0 includes the unparsed-text function...

9.3CVSS5.9AI score0.00484EPSS
Exploits1References5
Snyk
Snyk
added 2026/03/04 8:59 p.m.3 views

Arbitrary Code Injection

Overview changedetection.io is a Website change detection and monitoring service Affected versions of this package are vulnerable to Arbitrary Code Injection via the unparsed-text function in XPath expressions processed by the application. An attacker can access and read arbitrary files from the...

9.3CVSS5.9AI score0.00484EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.7 views

PT-2026-23090

Name of the Vulnerable Software and Affected Versions changedetection.io versions prior to 0.54.4 Description The changedetection.io application allows users to specify XPath expressions as content filters via the include filters field. These XPath expressions are processed using the elementpath...

9.3CVSS5.9AI score0.00484EPSS
Exploits1References10
Rows per page
Query Builder