CVE Catalog

CVE-2026-35000

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.28%

20th percentile - higher than 20% of all known CVEs

Summary

A vulnerability in ChangeDetection.io before version 0.54.7 allows bypassing protections in the SafeXPath3Parser. Attackers can read arbitrary local files using unblocked XPath 3.0/3.1 functions like json-doc().

Risk Assessment

The risk involves potential theft of sensitive data from the server's filesystem, such as configuration files, passwords, or API keys.

Recommendation

Immediately upgrade ChangeDetection.io to version 0.54.7 or later, which includes a complete blocklist of dangerous XPath functions.

Original NVD description (English source)

ChangeDetection.io versions prior to 0.54.7 contain a protection bypass vulnerability in the SafeXPath3Parser implementation that allows attackers to read arbitrary local files by using unblocked XPath 3.0/3.1 functions such as json-doc() and similar file-access primitives. Attackers can exploit the incomplete blocklist of dangerous XPath functions to access sensitive data from the local filesystem.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS