CVEFinder.io

CVE-2026-43891

⚠️ high
🔍 Scan for this CVE
Summary

changedetection.io is a free open source web page change detection tool. Prior to 0.55.1, the vulnerability is caused by trusting attacker-controlled snapshot paths restored from backup files. The vulnerable flow starts in the backup restore logic. When a backup ZIP is restored, the application extracts the archive and copies each restored watch UUID directory directly into the live datastore using shutil.copytree(entry.path, dst_dir). This preserves attacker-controlled files inside the restored

Description

changedetection.io is a free open source web page change detection tool. Prior to 0.55.1, the vulnerability is caused by trusting attacker-controlled snapshot paths restored from backup files. The vulnerable flow starts in the backup restore logic. When a backup ZIP is restored, the application extracts the archive and copies each restored watch UUID directory directly into the live datastore using shutil.copytree(entry.path, dst_dir). This preserves attacker-controlled files inside the restored watch directory, including history.txt. After restore, the application parses history.txt in the watch history property and returns the contents of the targeted local file. This vulnerability is fixed in 0.55.1.

CVSS Score
7.5
High
EPSS Score
0.0
Exploit Probability
Published Date
2026-05-12
First Seen: 2026-05-17
📊 Relative Risk Intelligence

This CVE is Moderate Risk - more severe than 69.1% of all 321,566 vulnerabilities in our database.

#99,499
Above average severity
Severity Percentile
🎯 CISA SSVC Assessment Updated: May 13, 2026
🔍 Exploitation Status
Poc
Proof-of-concept available
⚙️ Automatable
YES
Can be exploited automatically
💥 Technical Impact
Partial
Limited system impact
SSVC data provided by CISA
Last Modified 2026-05-15
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE IDs (Weakness Types)
CWE-73

📦 Affected Products 1

Vendor Product Status Affected Versions
webtechnologies changedetection Affected
< 0.55.1

🔗 References 2

https://github.com/dgtlmoon/changedetection.io/secur...
Exploit Mitigation Vendor Advisory
https://github.com/pocket-id/pocket-id/security/advi...
Exploit Mitigation Vendor Advisory Not Applicable

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-35490 ⛔ critical 9.8 0.0 changedetection.io is a free open source web page change detection tool. Prior to 0.54.8, the @login_optionally_required... 2026-04-07
CVE-2026-35000 🔶 medium 6.5 0.1 ChangeDetection.io versions prior to 0.54.7 contain a protection bypass vulnerability in the SafeXPath3Parser implementa... 2026-04-01
CVE-2026-33981 🔶 medium 6.5 0.0 changedetection.io is a free open source web page change detection tool. Prior to 0.54.7, the `jq:` and `jqraw:` include... 2026-03-27
CVE-2026-29038 🔶 medium 6.1 0.0 changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, there is a reflected c... 2026-03-06
CVE-2026-29039 ⚠️ high 7.5 0.0 changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, the changedetection.io... 2026-03-06
CVE-2026-29065 ⛔ critical 9.1 0.1 changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, a Zip Slip vulnerabili... 2026-03-06
These CVEs affect the same products