Webtechnologies Changedetection — known CVE vulnerabilities
Every CVE whose affected-product data names Webtechnologies Changedetection, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2026-35490 — CVSS 9.8 (critical): changedetection.io is a free open source web page change detection tool. Prior to 0.54.8, the @login_optionally_required decorator is…
CVE-2026-29065 — CVSS 9.1 (critical): changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, a Zip Slip vulnerability in the backup…
CVE-2026-27696 — CVSS 8.6 (high): changedetection.io is a free open source web page change detection tool. In versions prior to 0.54.1, changedetection.io is vulnerable to…
CVE-2026-43891 — CVSS 7.5 (high): changedetection.io is a free open source web page change detection tool. Prior to 0.55.1, the vulnerability is caused by trusting…
CVE-2026-29039 — CVSS 7.5 (high): changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, the changedetection.io application allows…
CVE-2026-41895 — CVSS 7.5 (high): changedetection.io is a free open source web page change detection tool. In 0.54.9 and earlier, xpath_filter() switches to XML mode for…
CVE-2026-35000 — CVSS 6.5 (medium): ChangeDetection.io versions prior to 0.54.7 contain a protection bypass vulnerability in the SafeXPath3Parser implementation that allows…
CVE-2026-33981 — CVSS 6.5 (medium): changedetection.io is a free open source web page change detection tool. Prior to 0.54.7, the `jq:` and `jqraw:` include filter expressions…
CVE-2026-29038 — CVSS 6.1 (medium): changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, there is a reflected cross-site scripting…
CVE-2026-27645 — CVSS 6.1 (medium): changedetection.io is a free open source web page change detection tool. In versions prior to 0.54.1, the RSS single-watch endpoint…
CVE-2023-24769 — CVSS 5.4 (medium): Changedetection.io before v0.40.1.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the main page. This…
CVE-2026-25527 — CVSS 5.3 (medium): changedetection.io is a free open source web page change detection tool. In versions prior to 0.53.2, the `/static/<group>/<filename>`…
CVE-2024-23329 — CVSS 3.7 (low): changedetection.io is an open source tool designed to monitor websites for content changes. In affected versions the API endpoint…