{"url":"http://public2.vulnerablecode.io/api/packages/62830?format=json","purl":"pkg:pypi/changedetection.io@0.40.2","type":"pypi","namespace":"","name":"changedetection.io","version":"0.40.2","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"0.54.8","latest_non_vulnerable_version":"0.55.1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/304956?format=json","vulnerability_id":"VCID-19w6-swde-rfdt","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-52558","reference_id":"","reference_type":"","scores":[{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32634","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-52558"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/commit/3d5a544ea674cfce517adcd498877a8d760d0931","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-24T17:17:31Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/commit/3d5a544ea674cfce517adcd498877a8d760d0931"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-hwpg-x5hw-vpv9","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-24T17:17:31Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-hwpg-x5hw-vpv9"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-52558","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-52558"},{"reference_url":"https://github.com/advisories/GHSA-hwpg-x5hw-vpv9","reference_id":"GHSA-hwpg-x5hw-vpv9","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-hwpg-x5hw-vpv9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195813?format=json","purl":"pkg:pypi/changedetection.io@0.50.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6b2k-t4bg-9kfs"},{"vulnerability":"VCID-8sjp-t56z-23ga"},{"vulnerability":"VCID-a156-qupb-eqcv"},{"vulnerability":"VCID-dwrn-bx2z-9bdg"},{"vulnerability":"VCID-ek84-hjsn-yya7"},{"vulnerability":"VCID-mt8f-kjhk-rka1"},{"vulnerability":"VCID-qxe7-pu28-3ub3"},{"vulnerability":"VCID-x3g5-3e32-jkam"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/changedetection.io@0.50.4"}],"aliases":["CVE-2025-52558","GHSA-hwpg-x5hw-vpv9"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-19w6-swde-rfdt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/269138?format=json","vulnerability_id":"VCID-55md-32mp-q3ay","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-51483","reference_id":"","reference_type":"","scores":[{"value":"0.39091","scoring_system":"epss","scoring_elements":"0.97347","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-51483"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/blob/master/changedetectionio/model/Watch.py#L19","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-01T17:29:13Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/blob/master/changedetectionio/model/Watch.py#L19"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/blob/master/changedetectionio/processors/__init__.py#L35","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-01T17:29:13Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/blob/master/changedetectionio/processors/__init__.py#L35"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-cwgg-57xj-g77r","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-01T17:29:13Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-cwgg-57xj-g77r"},{"reference_url":"https://github.com/user-attachments/files/17591630/CL-ChangeDetection.io.Path.Travsersal-311024-181039.pdf","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-01T17:29:13Z/"}],"url":"https://github.com/user-attachments/files/17591630/CL-ChangeDetection.io.Path.Travsersal-311024-181039.pdf"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-51483","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-51483"},{"reference_url":"https://github.com/advisories/GHSA-cwgg-57xj-g77r","reference_id":"GHSA-cwgg-57xj-g77r","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-cwgg-57xj-g77r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/187864?format=json","purl":"pkg:pypi/changedetection.io@0.47.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19w6-swde-rfdt"},{"vulnerability":"VCID-6b2k-t4bg-9kfs"},{"vulnerability":"VCID-8sjp-t56z-23ga"},{"vulnerability":"VCID-a156-qupb-eqcv"},{"vulnerability":"VCID-dwrn-bx2z-9bdg"},{"vulnerability":"VCID-ek84-hjsn-yya7"},{"vulnerability":"VCID-jjxw-quf6-hfdu"},{"vulnerability":"VCID-mt8f-kjhk-rka1"},{"vulnerability":"VCID-qxe7-pu28-3ub3"},{"vulnerability":"VCID-requ-9wsu-mycc"},{"vulnerability":"VCID-x3g5-3e32-jkam"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/changedetection.io@0.47.5"}],"aliases":["CVE-2024-51483","GHSA-cwgg-57xj-g77r"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-55md-32mp-q3ay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22786?format=json","vulnerability_id":"VCID-6b2k-t4bg-9kfs","summary":"changedetection.io is Vulnerable to SSRF via Watch URLs\nChangedetection.io is vulnerable to Server-Side Request Forgery (SSRF) because the URL validation function `is_safe_valid_url()` does not validate the resolved IP address of watch URLs against private, loopback, or link-local address ranges. An authenticated user (or any user when no password is configured, which is the default) can add a watch for internal network URLs such as:\n\n- `http://169.254.169.254`\n- `http://10.0.0.1/`\n- `http://127.0.0.1/`\n\nThe application fetches these URLs server-side, stores the response content, and makes it viewable through the web UI — enabling full data exfiltration from internal services.\n\nThis is particularly severe because:\n\n- The fetched content is stored and viewable - this is not a blind SSRF\n- Watches are fetched periodically - creating a persistent SSRF that continuously accesses internal resources\n- By default, no password is set - the web UI is accessible without authentication\n- Self-hosted deployments typically run on cloud infrastructure where `169.254.169.254` returns real IAM credentials\n\n---","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27696","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06549","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27696"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/commit/fe7aa38c651d73fe5f41ce09855fa8f97193747b","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-25T14:51:00Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/commit/fe7aa38c651d73fe5f41ce09855fa8f97193747b"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27696","reference_id":"CVE-2026-27696","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27696"},{"reference_url":"https://github.com/advisories/GHSA-3c45-4pj5-ch7m","reference_id":"GHSA-3c45-4pj5-ch7m","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3c45-4pj5-ch7m"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-3c45-4pj5-ch7m","reference_id":"GHSA-3c45-4pj5-ch7m","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-25T14:51:00Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-3c45-4pj5-ch7m"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73047?format=json","purl":"pkg:pypi/changedetection.io@0.54.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8sjp-t56z-23ga"},{"vulnerability":"VCID-dwrn-bx2z-9bdg"},{"vulnerability":"VCID-ek84-hjsn-yya7"},{"vulnerability":"VCID-mt8f-kjhk-rka1"},{"vulnerability":"VCID-qxe7-pu28-3ub3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/changedetection.io@0.54.1"}],"aliases":["CVE-2026-27696","GHSA-3c45-4pj5-ch7m"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6b2k-t4bg-9kfs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23089?format=json","vulnerability_id":"VCID-8sjp-t56z-23ga","summary":"changedetection.io has Reflected XSS in its RSS Tag Error Response\nA reflected cross-site scripting (XSS) vulnerability was identified in the `/rss/tag/` endpoint of changedetection.io. The `tag_uuid` path parameter is reflected directly in the HTTP response body without HTML escaping. Since Flask returns `text/html` by default for plain string responses, the browser parses and executes injected JavaScript.\n\nThis vulnerability persists in version **0.54.1**, which patched the related XSS in `/rss/watch/` (CVE-2026-27645 / GHSA-mw8m-398g-h89w) but did not address the identical pattern in the tag RSS endpoint.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-29038","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.0602","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-29038"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/commit/ec7d56f85d1e9690fca7cb4711c1fb20dffec780","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-09T19:57:33Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/commit/ec7d56f85d1e9690fca7cb4711c1fb20dffec780"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.4","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-09T19:57:33Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.4"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-29038","reference_id":"CVE-2026-29038","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-29038"},{"reference_url":"https://github.com/advisories/GHSA-8whx-v8qq-pq64","reference_id":"GHSA-8whx-v8qq-pq64","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8whx-v8qq-pq64"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-8whx-v8qq-pq64","reference_id":"GHSA-8whx-v8qq-pq64","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-09T19:57:33Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-8whx-v8qq-pq64"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-mw8m-398g-h89w","reference_id":"GHSA-mw8m-398g-h89w","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-mw8m-398g-h89w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73231?format=json","purl":"pkg:pypi/changedetection.io@0.54.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ek84-hjsn-yya7"},{"vulnerability":"VCID-mt8f-kjhk-rka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/changedetection.io@0.54.4"}],"aliases":["CVE-2026-29038","GHSA-8whx-v8qq-pq64"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8sjp-t56z-23ga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9479?format=json","vulnerability_id":"VCID-a156-qupb-eqcv","summary":"changedetection.io is a free open source web page change detection tool. A Stored Cross Site Scripting is present in changedetection.io Watch update API in versions prior to 0.50.34 due to insufficient security checks. Two scenarios are possible. In the first, an attacker can insert a new watch with an arbitrary URL which really points to a web page. Once the HTML content is retrieved, the attacker updates the URL with a JavaScript payload. In the second, an attacker substitutes the URL in an existing watch with a new URL that is in reality a JavaScript payload. When the user clicks on *Preview* and then on the malicious link, the JavaScript malicious code is executed. Version 0.50.34 fixes the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62780","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24222","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62780"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/issues/3562","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io/issues/3562"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/pull/3564","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io/pull/3564"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/releases/tag/0.50.34","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io/releases/tag/0.50.34"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-4c3j-3h7v-22q9","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T21:43:49Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-4c3j-3h7v-22q9"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-62780","reference_id":"CVE-2025-62780","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-62780"},{"reference_url":"https://github.com/advisories/GHSA-4c3j-3h7v-22q9","reference_id":"GHSA-4c3j-3h7v-22q9","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4c3j-3h7v-22q9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/70174?format=json","purl":"pkg:pypi/changedetection.io@0.50.34","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6b2k-t4bg-9kfs"},{"vulnerability":"VCID-8sjp-t56z-23ga"},{"vulnerability":"VCID-dwrn-bx2z-9bdg"},{"vulnerability":"VCID-ek84-hjsn-yya7"},{"vulnerability":"VCID-mt8f-kjhk-rka1"},{"vulnerability":"VCID-qxe7-pu28-3ub3"},{"vulnerability":"VCID-x3g5-3e32-jkam"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/changedetection.io@0.50.34"}],"aliases":["CVE-2025-62780","GHSA-4c3j-3h7v-22q9","PYSEC-2025-91"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a156-qupb-eqcv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23100?format=json","vulnerability_id":"VCID-dwrn-bx2z-9bdg","summary":"changedetection.io vulnerable to XPath - Arbitrary File Read via unparsed-text()\n- The changedetection.io application allows users to specify XPath expressions as content filters via the include_filters field. These XPath expressions are processed using the elementpath library which implements XPath 3.0/3.1 specification.\n\n- XPath 3.0 includes the unparsed-text() function which can read arbitrary files from the filesystem. The application does not validate or sanitize XPath expressions to block dangerous functions, allowing an attacker to read any file accessible to the application process.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-29039","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05858","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-29039"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/commit/417d57e5749441e4be9acc4010369bded805d66f","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-09T19:58:13Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/commit/417d57e5749441e4be9acc4010369bded805d66f"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-09T19:58:13Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.4"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-29039","reference_id":"CVE-2026-29039","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-29039"},{"reference_url":"https://github.com/advisories/GHSA-6fmw-82m7-jq6p","reference_id":"GHSA-6fmw-82m7-jq6p","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6fmw-82m7-jq6p"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-6fmw-82m7-jq6p","reference_id":"GHSA-6fmw-82m7-jq6p","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-09T19:58:13Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-6fmw-82m7-jq6p"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73231?format=json","purl":"pkg:pypi/changedetection.io@0.54.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ek84-hjsn-yya7"},{"vulnerability":"VCID-mt8f-kjhk-rka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/changedetection.io@0.54.4"}],"aliases":["CVE-2026-29039","GHSA-6fmw-82m7-jq6p"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dwrn-bx2z-9bdg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9607?format=json","vulnerability_id":"VCID-ek84-hjsn-yya7","summary":"changedetection.io is a free open source web page change detection tool. Prior to 0.54.8, the @login_optionally_required decorator is placed before (outer to) @blueprint.route() instead of after it. In Flask, @route() must be the outermost decorator because it registers the function it receives. When the order is reversed, @route() registers the original undecorated function, and the auth wrapper is never in the call chain. This silently disables authentication on these routes. This vulnerability is fixed in 0.54.8.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-35490","reference_id":"","reference_type":"","scores":[{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.09274","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-35490"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/commit/31a760c2147e3e73a403baf6d7de34dc50429c85","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io/commit/31a760c2147e3e73a403baf6d7de34dc50429c85"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.8","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.8"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-jmrh-xmgh-x9j4","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-04-09T14:36:58Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-jmrh-xmgh-x9j4"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-35490","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-35490"},{"reference_url":"https://github.com/advisories/GHSA-jmrh-xmgh-x9j4","reference_id":"GHSA-jmrh-xmgh-x9j4","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jmrh-xmgh-x9j4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/189222?format=json","purl":"pkg:pypi/changedetection.io@0.54.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/changedetection.io@0.54.8"}],"aliases":["CVE-2026-35490","GHSA-jmrh-xmgh-x9j4","PYSEC-2026-28"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ek84-hjsn-yya7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9022?format=json","vulnerability_id":"VCID-esz6-geex-bucb","summary":"changedetection.io is an open source tool designed to monitor websites for content changes. In affected versions the API endpoint `/api/v1/watch/<uuid>/history` can be accessed by any unauthorized user. As a result any unauthorized user can check one's watch history. However, because unauthorized party first needs to know a watch UUID, and the watch history endpoint itself returns only paths to the snapshot on the server, an impact on users' data privacy is minimal. This issue has been addressed in version 0.45.13. Users are advised to upgrade. There are no known workarounds for this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-23329","reference_id":"","reference_type":"","scores":[{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63995","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-23329"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/blob/9510345e01ea8e308c339163d8e8b030ce5ac7f1/changedetectionio/api/api_v1.py#L129-L156","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io/blob/9510345e01ea8e308c339163d8e8b030ce5ac7f1/changedetectionio/api/api_v1.py#L129-L156"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/commit/402f1e47e78ecd155b1e90f30cce424ff7763e0f","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T17:15:02Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/commit/402f1e47e78ecd155b1e90f30cce424ff7763e0f"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-hcvp-2cc7-jrwr","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T17:15:02Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-hcvp-2cc7-jrwr"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/changedetection-io/PYSEC-2024-15.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/changedetection-io/PYSEC-2024-15.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-23329","reference_id":"CVE-2024-23329","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"1.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-23329"},{"reference_url":"https://github.com/advisories/GHSA-hcvp-2cc7-jrwr","reference_id":"GHSA-hcvp-2cc7-jrwr","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hcvp-2cc7-jrwr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/67392?format=json","purl":"pkg:pypi/changedetection.io@0.45.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19w6-swde-rfdt"},{"vulnerability":"VCID-55md-32mp-q3ay"},{"vulnerability":"VCID-6b2k-t4bg-9kfs"},{"vulnerability":"VCID-8sjp-t56z-23ga"},{"vulnerability":"VCID-a156-qupb-eqcv"},{"vulnerability":"VCID-dwrn-bx2z-9bdg"},{"vulnerability":"VCID-ek84-hjsn-yya7"},{"vulnerability":"VCID-fk4s-1dw3-sqag"},{"vulnerability":"VCID-jjxw-quf6-hfdu"},{"vulnerability":"VCID-mt8f-kjhk-rka1"},{"vulnerability":"VCID-qxe7-pu28-3ub3"},{"vulnerability":"VCID-requ-9wsu-mycc"},{"vulnerability":"VCID-t1zm-h2h4-9fep"},{"vulnerability":"VCID-x3g5-3e32-jkam"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/changedetection.io@0.45.13"}],"aliases":["CVE-2024-23329","GHSA-hcvp-2cc7-jrwr","PYSEC-2024-15"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-esz6-geex-bucb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/254629?format=json","vulnerability_id":"VCID-fk4s-1dw3-sqag","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32651","reference_id":"","reference_type":"","scores":[{"value":"0.92087","scoring_system":"epss","scoring_elements":"0.99721","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32651"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io","reference_id":"","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/releases/tag/0.45.21","reference_id":"","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"10.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-06-07T19:43:06Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/releases/tag/0.45.21"},{"reference_url":"https://www.onsecurity.io/blog/server-side-template-injection-with-jinja2","reference_id":"","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"10.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-06-07T19:43:06Z/"}],"url":"https://www.onsecurity.io/blog/server-side-template-injection-with-jinja2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-32651","reference_id":"CVE-2024-32651","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-32651"},{"reference_url":"https://blog.hacktivesecurity.com/index.php/2024/05/08/cve-2024-32651-server-side-template-injection-changedetection-io/","reference_id":"cve-2024-32651-server-side-template-injection-changedetection-io","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-06-07T19:43:06Z/"}],"url":"https://blog.hacktivesecurity.com/index.php/2024/05/08/cve-2024-32651-server-side-template-injection-changedetection-io/"},{"reference_url":"https://blog.hacktivesecurity.com/index.php/2024/05/08/cve-2024-32651-server-side-template-injection-changedetection-io","reference_id":"CVE-2024-32651-SERVER-SIDE-TEMPLATE-INJECTION-CHANGEDETECTION-IO","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://blog.hacktivesecurity.com/index.php/2024/05/08/cve-2024-32651-server-side-template-injection-changedetection-io"},{"reference_url":"https://github.com/advisories/GHSA-4r7v-whpg-8rx3","reference_id":"GHSA-4r7v-whpg-8rx3","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4r7v-whpg-8rx3"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-4r7v-whpg-8rx3","reference_id":"GHSA-4r7v-whpg-8rx3","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"10.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-06-07T19:43:06Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-4r7v-whpg-8rx3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83216?format=json","purl":"pkg:pypi/changedetection.io@0.45.21","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19w6-swde-rfdt"},{"vulnerability":"VCID-55md-32mp-q3ay"},{"vulnerability":"VCID-6b2k-t4bg-9kfs"},{"vulnerability":"VCID-8sjp-t56z-23ga"},{"vulnerability":"VCID-a156-qupb-eqcv"},{"vulnerability":"VCID-dwrn-bx2z-9bdg"},{"vulnerability":"VCID-ek84-hjsn-yya7"},{"vulnerability":"VCID-jjxw-quf6-hfdu"},{"vulnerability":"VCID-mt8f-kjhk-rka1"},{"vulnerability":"VCID-qxe7-pu28-3ub3"},{"vulnerability":"VCID-requ-9wsu-mycc"},{"vulnerability":"VCID-t1zm-h2h4-9fep"},{"vulnerability":"VCID-x3g5-3e32-jkam"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/changedetection.io@0.45.21"}],"aliases":["CVE-2024-32651","GHSA-4r7v-whpg-8rx3"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fk4s-1dw3-sqag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/269618?format=json","vulnerability_id":"VCID-jjxw-quf6-hfdu","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-51998","reference_id":"","reference_type":"","scores":[{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34241","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-51998"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"7.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/blob/e0abf0b50507a8a3d0c1d8522ab23519b3e4cdf4/changedetectionio/model/Watch.py#L11-L13","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"7.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-08T15:23:17Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/blob/e0abf0b50507a8a3d0c1d8522ab23519b3e4cdf4/changedetectionio/model/Watch.py#L11-L13"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/blob/e0abf0b50507a8a3d0c1d8522ab23519b3e4cdf4/changedetectionio/processors/__init__.py#L37-L41","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"7.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io/blob/e0abf0b50507a8a3d0c1d8522ab23519b3e4cdf4/changedetectionio/processors/__init__.py#L37-L41"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/commit/49bc982c697169c98b79698889fb9d26f6b3317f","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"7.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-08T15:23:17Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/commit/49bc982c697169c98b79698889fb9d26f6b3317f"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/releases/tag/0.47.06","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"7.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io/releases/tag/0.47.06"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-6jrf-rcjf-245r","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"7.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-08T15:23:17Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-6jrf-rcjf-245r"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-51998","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"7.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-51998"},{"reference_url":"https://github.com/advisories/GHSA-6jrf-rcjf-245r","reference_id":"GHSA-6jrf-rcjf-245r","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6jrf-rcjf-245r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/187918?format=json","purl":"pkg:pypi/changedetection.io@0.47.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19w6-swde-rfdt"},{"vulnerability":"VCID-6b2k-t4bg-9kfs"},{"vulnerability":"VCID-8sjp-t56z-23ga"},{"vulnerability":"VCID-a156-qupb-eqcv"},{"vulnerability":"VCID-dwrn-bx2z-9bdg"},{"vulnerability":"VCID-ek84-hjsn-yya7"},{"vulnerability":"VCID-mt8f-kjhk-rka1"},{"vulnerability":"VCID-qxe7-pu28-3ub3"},{"vulnerability":"VCID-requ-9wsu-mycc"},{"vulnerability":"VCID-x3g5-3e32-jkam"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/changedetection.io@0.47.6"}],"aliases":["CVE-2024-51998","GHSA-6jrf-rcjf-245r"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jjxw-quf6-hfdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/329243?format=json","vulnerability_id":"VCID-mt8f-kjhk-rka1","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33981","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03675","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33981"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/commit/65517a9c74a0cbe1a4661314470b28131ef5557f","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-30T18:36:19Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/commit/65517a9c74a0cbe1a4661314470b28131ef5557f"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.7","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-30T18:36:19Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.7"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-58r7-4wr5-hfx8","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-30T18:36:19Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-58r7-4wr5-hfx8"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33981","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33981"},{"reference_url":"https://github.com/advisories/GHSA-58r7-4wr5-hfx8","reference_id":"GHSA-58r7-4wr5-hfx8","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-58r7-4wr5-hfx8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/190919?format=json","purl":"pkg:pypi/changedetection.io@0.54.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ek84-hjsn-yya7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/changedetection.io@0.54.7"}],"aliases":["CVE-2026-33981","GHSA-58r7-4wr5-hfx8"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mt8f-kjhk-rka1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23087?format=json","vulnerability_id":"VCID-qxe7-pu28-3ub3","summary":"changedetection.io has Zip Slip vulnerability in the backup restore functionality\nA Zip Slip vulnerability in the backup restore functionality allows arbitrary file overwrite via path traversal in uploaded ZIP archives.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-29065","reference_id":"","reference_type":"","scores":[{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09345","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-29065"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/commit/1d7d812eb0faab37042246e2fbce04f29bb1b3aa","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-09T19:59:02Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/commit/1d7d812eb0faab37042246e2fbce04f29bb1b3aa"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-09T19:59:02Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.4"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-29065","reference_id":"CVE-2026-29065","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-29065"},{"reference_url":"https://github.com/advisories/GHSA-25g8-2mcf-fcx9","reference_id":"GHSA-25g8-2mcf-fcx9","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-25g8-2mcf-fcx9"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-25g8-2mcf-fcx9","reference_id":"GHSA-25g8-2mcf-fcx9","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-09T19:59:02Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-25g8-2mcf-fcx9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73231?format=json","purl":"pkg:pypi/changedetection.io@0.54.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ek84-hjsn-yya7"},{"vulnerability":"VCID-mt8f-kjhk-rka1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/changedetection.io@0.54.4"}],"aliases":["CVE-2026-29065","GHSA-25g8-2mcf-fcx9"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qxe7-pu28-3ub3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/272094?format=json","vulnerability_id":"VCID-requ-9wsu-mycc","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-56509","reference_id":"","reference_type":"","scores":[{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26616","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-56509"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/commit/4419bc0e61d0b03c588bd573a3602bbcfd953671","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io/commit/4419bc0e61d0b03c588bd573a3602bbcfd953671"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/commit/f7e9846c9b40a229813d19cdb66bf60fbe5e6a2a","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-27T20:55:06Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/commit/f7e9846c9b40a229813d19cdb66bf60fbe5e6a2a"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-j5vv-6wjg-cfr8","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-27T20:55:06Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-j5vv-6wjg-cfr8"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56509","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56509"},{"reference_url":"https://github.com/advisories/GHSA-j5vv-6wjg-cfr8","reference_id":"GHSA-j5vv-6wjg-cfr8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-j5vv-6wjg-cfr8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/187422?format=json","purl":"pkg:pypi/changedetection.io@0.48.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19w6-swde-rfdt"},{"vulnerability":"VCID-6b2k-t4bg-9kfs"},{"vulnerability":"VCID-8sjp-t56z-23ga"},{"vulnerability":"VCID-a156-qupb-eqcv"},{"vulnerability":"VCID-dwrn-bx2z-9bdg"},{"vulnerability":"VCID-ek84-hjsn-yya7"},{"vulnerability":"VCID-mt8f-kjhk-rka1"},{"vulnerability":"VCID-qxe7-pu28-3ub3"},{"vulnerability":"VCID-x3g5-3e32-jkam"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/changedetection.io@0.48.5"}],"aliases":["CVE-2024-56509","GHSA-j5vv-6wjg-cfr8"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-requ-9wsu-mycc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/255595?format=json","vulnerability_id":"VCID-t1zm-h2h4-9fep","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34061","reference_id":"","reference_type":"","scores":[{"value":"0.2769","scoring_system":"epss","scoring_elements":"0.96531","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34061"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/blob/0.45.21/changedetectionio/forms.py#L226","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io/blob/0.45.21/changedetectionio/forms.py#L226"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/commit/c0f000b1d1ce03733460805dbbedde445fe2c762","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T15:39:27Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/commit/c0f000b1d1ce03733460805dbbedde445fe2c762"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34061","reference_id":"CVE-2024-34061","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34061"},{"reference_url":"https://github.com/advisories/GHSA-pwgc-w4x9-gw67","reference_id":"GHSA-pwgc-w4x9-gw67","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pwgc-w4x9-gw67"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-pwgc-w4x9-gw67","reference_id":"GHSA-pwgc-w4x9-gw67","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T15:39:27Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-pwgc-w4x9-gw67"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/80912?format=json","purl":"pkg:pypi/changedetection.io@0.45.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19w6-swde-rfdt"},{"vulnerability":"VCID-55md-32mp-q3ay"},{"vulnerability":"VCID-6b2k-t4bg-9kfs"},{"vulnerability":"VCID-8sjp-t56z-23ga"},{"vulnerability":"VCID-a156-qupb-eqcv"},{"vulnerability":"VCID-dwrn-bx2z-9bdg"},{"vulnerability":"VCID-ek84-hjsn-yya7"},{"vulnerability":"VCID-jjxw-quf6-hfdu"},{"vulnerability":"VCID-mt8f-kjhk-rka1"},{"vulnerability":"VCID-qxe7-pu28-3ub3"},{"vulnerability":"VCID-requ-9wsu-mycc"},{"vulnerability":"VCID-x3g5-3e32-jkam"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/changedetection.io@0.45.22"}],"aliases":["CVE-2024-34061","GHSA-pwgc-w4x9-gw67"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t1zm-h2h4-9fep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22804?format=json","vulnerability_id":"VCID-x3g5-3e32-jkam","summary":"changedetection.io Vulnerable to Reflected XSS in RSS Single Watch Error Response\nThree security vulnerabilities were identified in [changedetection.io](http://changedetection.io/) through source code review and live validation against a locally deployed Docker instance. All vulnerabilities were confirmed exploitable on the latest version (0.53.6) it was additionally validated at scale against 500 internet-facing instances discovered via FOFA search engine, producing 5K+ confirmed detections using a custom Nuclei template, demonstrating widespread real-world impact.\nThe RSS single-watch endpoint reflects the UUID path parameter directly in the HTTP response body without HTML escaping. Since Flask returns text/html by default for plain string responses, the browser parses and executes injected JavaScript.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27645","reference_id":"","reference_type":"","scores":[{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72684","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27645"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/commit/a385c89abf44b52fcfa20c7c6a6dd3047c4c1eb5","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-25T14:55:52Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/commit/a385c89abf44b52fcfa20c7c6a6dd3047c4c1eb5"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27645","reference_id":"CVE-2026-27645","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27645"},{"reference_url":"https://github.com/advisories/GHSA-mw8m-398g-h89w","reference_id":"GHSA-mw8m-398g-h89w","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mw8m-398g-h89w"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-mw8m-398g-h89w","reference_id":"GHSA-mw8m-398g-h89w","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-25T14:55:52Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-mw8m-398g-h89w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73069?format=json","purl":"pkg:pypi/changedetection.io@0.53.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6b2k-t4bg-9kfs"},{"vulnerability":"VCID-8sjp-t56z-23ga"},{"vulnerability":"VCID-dwrn-bx2z-9bdg"},{"vulnerability":"VCID-ek84-hjsn-yya7"},{"vulnerability":"VCID-mt8f-kjhk-rka1"},{"vulnerability":"VCID-qxe7-pu28-3ub3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/changedetection.io@0.53.7"}],"aliases":["CVE-2026-27645","GHSA-mw8m-398g-h89w"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x3g5-3e32-jkam"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8719?format=json","vulnerability_id":"VCID-f8c5-jdxv-x7a7","summary":"Changedetection.io before v0.40.1.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the main page. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL parameter under the \"Add a new change detection watch\" function.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-24769","reference_id":"","reference_type":"","scores":[{"value":"0.00751","scoring_system":"epss","scoring_elements":"0.73477","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-24769"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/issues/1358","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-18T15:52:55Z/"}],"url":"https://github.com/dgtlmoon/changedetection.io/issues/1358"},{"reference_url":"https://github.com/dgtlmoon/changedetection.io/pull/1359","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dgtlmoon/changedetection.io/pull/1359"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/changedetection-io/PYSEC-2023-10.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/changedetection-io/PYSEC-2023-10.yaml"},{"reference_url":"https://www.youtube.com/watch?v=TRTpRlkU3Hc","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-18T15:52:55Z/"}],"url":"https://www.youtube.com/watch?v=TRTpRlkU3Hc"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-24769","reference_id":"CVE-2023-24769","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-24769"},{"reference_url":"https://www.edoardoottavianelli.it/CVE-2023-24769","reference_id":"CVE-2023-24769","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-18T15:52:55Z/"}],"url":"https://www.edoardoottavianelli.it/CVE-2023-24769"},{"reference_url":"https://github.com/advisories/GHSA-68wj-c2jw-5pp9","reference_id":"GHSA-68wj-c2jw-5pp9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-68wj-c2jw-5pp9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62830?format=json","purl":"pkg:pypi/changedetection.io@0.40.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19w6-swde-rfdt"},{"vulnerability":"VCID-55md-32mp-q3ay"},{"vulnerability":"VCID-6b2k-t4bg-9kfs"},{"vulnerability":"VCID-8sjp-t56z-23ga"},{"vulnerability":"VCID-a156-qupb-eqcv"},{"vulnerability":"VCID-dwrn-bx2z-9bdg"},{"vulnerability":"VCID-ek84-hjsn-yya7"},{"vulnerability":"VCID-esz6-geex-bucb"},{"vulnerability":"VCID-fk4s-1dw3-sqag"},{"vulnerability":"VCID-jjxw-quf6-hfdu"},{"vulnerability":"VCID-mt8f-kjhk-rka1"},{"vulnerability":"VCID-qxe7-pu28-3ub3"},{"vulnerability":"VCID-requ-9wsu-mycc"},{"vulnerability":"VCID-t1zm-h2h4-9fep"},{"vulnerability":"VCID-x3g5-3e32-jkam"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/changedetection.io@0.40.2"}],"aliases":["CVE-2023-24769","GHSA-68wj-c2jw-5pp9","PYSEC-2023-10"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f8c5-jdxv-x7a7"}],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/changedetection.io@0.40.2"}