Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

dgtlmoon — Vulnerabilities & Security Advisories 17

Browse all 17 CVE security advisories affecting dgtlmoon. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by dgtlmoon:changedetection.io
CVE IDTitleCVSSSeverityPublished
CVE-2026-35490 changedetection.io has an Authentication Bypass via Decorator Ordering — changedetection.ioCWE-863 9.8 Critical2026-04-07
CVE-2026-35000 ChangeDetection.io < 0.54.7 SafeXPath3Parser Bypass Arbitrary File Read — ChangeDetection.ioCWE-184 6.5 Medium2026-04-01
CVE-2026-33981 Changedetection.io Discloses Environment Variables via jq env Builtin in Include Filters — changedetection.ioCWE-200 7.5 -2026-03-27
CVE-2026-29065 changedetection.io: Zip Slip vulnerability in the backup restore functionality — changedetection.ioCWE-22 6.5 -2026-03-06
CVE-2026-29039 changedetection.io: XPath - Arbitrary File Read via unparsed-text() — changedetection.ioCWE-94 6.5 -2026-03-06
CVE-2026-29038 changedetection.io: Reflected XSS in RSS Tag Error Response — changedetection.ioCWE-79 6.1 Medium2026-03-06
CVE-2026-27696 changedetection.io Vulnerable to Server-Side Request Forgery (SSRF) via Watch URLs — changedetection.ioCWE-918 8.6 High2026-02-25
CVE-2026-27645 changedetection.io Vulnerable to Reflected XSS in RSS Single Watch Error Response — changedetection.ioCWE-79 6.1 Medium2026-02-25
CVE-2026-25527 changedetection.io vulnerable to unauthenticated static path traversal — changedetection.ioCWE-22 5.3 Medium2026-02-19
CVE-2025-62780 changedetection.io vulnerable to stored XSS in Watch update via API — changedetection.ioCWE-79 3.5 Low2025-11-10
CVE-2025-52558 ChangeDetection.io XSS in watch overview — changedetection.ioCWE-79 5.4AIMediumAI2025-06-23
CVE-2024-56509 changedetection.io has Improper Input Validation Leading to LFR/Path Traversal — changedetection.ioCWE-200 8.6 High2024-12-27
CVE-2024-51998 Path traversal using file URI scheme without supplying hostname in changedetection.io — changedetection.ioCWE-22 8.6 High2024-11-07
CVE-2024-51483 changedetection.io Path Traversal vulnerability — changedetection.ioCWE-22 6.5AIMediumAI2024-11-01
CVE-2024-34061 Reflected cross site scripting in changedetection.io — changedetection.ioCWE-79 4.3 Medium2024-05-02
CVE-2024-32651 Server Side Template Injection in Jinja2 allows Remote Command Execution — changedetection.ioCWE-1336 10.0 Critical2024-04-25
CVE-2024-23329 changedetection.io API endpoint is not secured with API token — changedetection.ioCWE-863 3.7 Low2024-01-19

This page lists every published CVE security advisory associated with dgtlmoon. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.