changedetection.io project has an XXE vulnerability — CVE-2026-41895
GitHub · GitHub · CVE-2026-41895
ID
CVE-2026-41895
CVE-2026-41895
Date
Updated
Activity
Source
GitHub
GitHub
Vendor
GitHub
GitHub
Threat
high
high
CVSS
8.2
8.2
EPSS
0.00041
0.00041
Summary
# changedetection.io_XXE_01 Vulnerability Report: We discovered a XXE vulnerability in the changedetection.io project While analyzing the code logic, it was determined that an area may lead to unintended behavior under specific conditions. With the project's security in mind, see the analysis results to discern whether this may indicate a potential security risk. ## Overview - SOURCE_VERSION: `0.54.9…
Product
pip: changedetection.io
What to do
General, cautious steps (verify details in the official source):
- Prioritize patching or mitigation immediately (treat as actively risky).
- Identify affected product versions in your inventory and verify whether you are impacted.
- Apply vendor patches/updates or recommended mitigations as soon as available.
- Read the official advisory for exact affected versions and remediation steps.