HIGH PyPI
GHSA-25g8-2mcf-fcx9 · CVE-2026-29065 changedetection.io has Zip Slip vulnerability in the backup restore functionality
Modified: 3/6/2026
package
PyPI / changedetection-io
pkg:pypi/changedetection-io
HIGH 8.6 PyPI
GHSA-3c45-4pj5-ch7m · CVE-2026-27696 changedetection.io is Vulnerable to SSRF via Watch URLs
Modified: 2/25/2026
LOW 3.5 PyPI
GHSA-4c3j-3h7v-22q9 · CVE-2025-62780, PYSEC-2025-91 changedetection.io: Stored XSS in Watch update via API
Modified: 6/5/2026
CRITICAL 10.0 PyPI
GHSA-4r7v-whpg-8rx3 · CVE-2024-32651 changedetection.io has a Server Side Template Injection using Jinja2 which allows Remote Command Execution
Modified: 8/6/2025
HIGH PyPI
GHSA-58r7-4wr5-hfx8 · CVE-2026-33981 Changedetection.io Discloses Environment Variables via jq env Builtin in Include Filters
Modified: 3/30/2026
MEDIUM 5.4 PyPI
GHSA-68wj-c2jw-5pp9 · CVE-2023-24769, PYSEC-2023-10 Stored cross site scripting in changedetection.io
Modified: 3/19/2025
HIGH PyPI
GHSA-6fmw-82m7-jq6p · CVE-2026-29039 changedetection.io vulnerable to XPath - Arbitrary File Read via unparsed-text()
Modified: 3/6/2026
HIGH 8.6 PyPI
GHSA-6jrf-rcjf-245r · CVE-2024-51998 changedetection.io path traversal using file URI scheme without supplying hostname
Modified: 11/8/2024
HIGH 7.5 PyPI
GHSA-8757-69j2-hx56 · CVE-2026-43891, PYSEC-2026-30 changedetection.io has an Arbitrary Local File Read via a crafted backup restore
Modified: 6/10/2026
MEDIUM 6.1 PyPI
GHSA-8whx-v8qq-pq64 · CVE-2026-29038 changedetection.io has Reflected XSS in its RSS Tag Error Response
Modified: 3/6/2026
MEDIUM 6.5 PyPI
GHSA-cwgg-57xj-g77r · CVE-2024-51483 changedetection.io Path Traversal
Modified: 11/1/2024
LOW 3.7 PyPI
GHSA-hcvp-2cc7-jrwr · CVE-2024-23329, PYSEC-2024-15 changedetection.io API endpoint is not secured with API token
Modified: 9/13/2024
HIGH PyPI
GHSA-hwpg-x5hw-vpv9 · CVE-2025-52558 ChangeDetection.io XSS in watch overview
Modified: 6/27/2025
HIGH 8.6 PyPI
GHSA-j5vv-6wjg-cfr8 · CVE-2024-56509 changedetection.io Vulnerable to Improper Input Validation Leading to LFR/Path Traversal
Modified: 12/27/2024
CRITICAL 9.8 PyPI
GHSA-jmrh-xmgh-x9j4 · CVE-2026-35490, PYSEC-2026-28 changedetection.io Vulnerable to Authentication Bypass via Decorator Ordering
Modified: 6/5/2026
MEDIUM 6.1 PyPI
GHSA-mw8m-398g-h89w · CVE-2026-27645 changedetection.io Vulnerable to Reflected XSS in RSS Single Watch Error Response
Modified: 2/25/2026
MEDIUM 4.3 PyPI
GHSA-pwgc-w4x9-gw67 · CVE-2024-34061 changedetection.io Cross-site Scripting vulnerability
Modified: 5/3/2024
HIGH 7.5 PyPI
GHSA-v7cp-2cx9-x793 · CVE-2026-41895, PYSEC-2026-29 changedetection.io project has an XXE vulnerability
Modified: 6/5/2026
— PyPI
PYSEC-2023-10 · CVE-2023-24769, GHSA-68wj-c2jw-5pp9 Modified: 6/10/2026
LOW 3.7 PyPI
PYSEC-2024-15 · CVE-2024-23329, GHSA-hcvp-2cc7-jrwr Modified: 1/26/2024
MEDIUM 5.4 PyPI
PYSEC-2025-91 · CVE-2025-62780, GHSA-4c3j-3h7v-22q9 Modified: 5/20/2026
CRITICAL 9.8 PyPI
PYSEC-2026-28 · CVE-2026-35490, GHSA-jmrh-xmgh-x9j4 Modified: 5/20/2026
HIGH 7.5 PyPI
PYSEC-2026-29 · CVE-2026-41895, GHSA-v7cp-2cx9-x793 Modified: 5/20/2026
HIGH 7.5 PyPI
PYSEC-2026-30 · CVE-2026-43891, GHSA-8757-69j2-hx56 Modified: 6/10/2026