{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-29065", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-03T20:51:43.482Z", "datePublished": "2026-03-06T06:54:27.792Z", "dateUpdated": "2026-03-09T19:59:16.113Z"}, "containers": {"cna": {"title": "changedetection.io: Zip Slip vulnerability in the backup restore functionality", "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "lang": "en", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P", "version": "4.0"}}], "references": [{"name": "https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-25g8-2mcf-fcx9", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-25g8-2mcf-fcx9"}, {"name": "https://github.com/dgtlmoon/changedetection.io/commit/1d7d812eb0faab37042246e2fbce04f29bb1b3aa", "tags": ["x_refsource_MISC"], "url": "https://github.com/dgtlmoon/changedetection.io/commit/1d7d812eb0faab37042246e2fbce04f29bb1b3aa"}, {"name": "https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.4", "tags": ["x_refsource_MISC"], "url": "https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.4"}], "affected": [{"vendor": "dgtlmoon", "product": "changedetection.io", "versions": [{"version": "< 0.54.4", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-06T06:54:27.792Z"}, "descriptions": [{"lang": "en", "value": "changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, a Zip Slip vulnerability in the backup restore functionality allows arbitrary file overwrite via path traversal in uploaded ZIP archives. This issue has been patched in version 0.54.4."}], "source": {"advisory": "GHSA-25g8-2mcf-fcx9", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-09T19:59:02.791740Z", "id": "CVE-2026-29065", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-09T19:59:16.113Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-29065", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-09T19:59:02.791740Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-09T19:59:10.639Z"}}], "cna": {"title": "changedetection.io: Zip Slip vulnerability in the backup restore functionality", "source": {"advisory": "GHSA-25g8-2mcf-fcx9", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH"}}], "affected": [{"vendor": "dgtlmoon", "product": "changedetection.io", "versions": [{"status": "affected", "version": "< 0.54.4"}]}], "references": [{"url": "https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-25g8-2mcf-fcx9", "name": "https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-25g8-2mcf-fcx9", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/dgtlmoon/changedetection.io/commit/1d7d812eb0faab37042246e2fbce04f29bb1b3aa", "name": "https://github.com/dgtlmoon/changedetection.io/commit/1d7d812eb0faab37042246e2fbce04f29bb1b3aa", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.4", "name": "https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.4", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, a Zip Slip vulnerability in the backup restore functionality allows arbitrary file overwrite via path traversal in uploaded ZIP archives. This issue has been patched in version 0.54.4."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-06T06:54:27.792Z"}}}, "cveMetadata": {"cveId": "CVE-2026-29065", "state": "PUBLISHED", "dateUpdated": "2026-03-09T19:59:16.113Z", "dateReserved": "2026-03-03T20:51:43.482Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-06T06:54:27.792Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:webtechnologies:changedetection:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4C1D55D-C25D-433D-98EA-A9C3336210DE", "versionEndExcluding": "0.54.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, a Zip Slip vulnerability in the backup restore functionality allows arbitrary file overwrite via path traversal in uploaded ZIP archives. This issue has been patched in version 0.54.4."}, {"lang": "es", "value": "changedetection.io es una herramienta gratuita de c\u00f3digo abierto para la detecci\u00f3n de cambios en p\u00e1ginas web. Antes de la versi\u00f3n 0.54.4, una vulnerabilidad Zip Slip en la funcionalidad de restauraci\u00f3n de copias de seguridad permite la sobrescritura arbitraria de archivos mediante salto de ruta en archivos ZIP subidos. Este problema ha sido parcheado en la versi\u00f3n 0.54.4."}], "id": "CVE-2026-29065", "lastModified": "2026-03-10T20:00:57.860", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-06T07:16:02.437", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/dgtlmoon/changedetection.io/commit/1d7d812eb0faab37042246e2fbce04f29bb1b3aa"}, {"source": "security-advisories@github.com", "tags": ["Product", "Release Notes"], "url": "https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.4"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-25g8-2mcf-fcx9"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,0.54.4)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "changedetection.io", "source": "cna", "vendor": "dgtlmoon"}, "product": "changedetection.io", "vendor": "dgtlmoon"}], "analysis": {"en": {"generated_at": "2026-04-17T12:23:07.764548+00:00", "value": {"mitigation_remediation": ["Upgrade changedetection.io to version\u00a00.54.4 or later to apply the vendor fix for the zip slip issue.", "If upgrading cannot be performed immediately, limit the backup restore functionality to trusted administrators only or disable the feature until a patch is available.", "Implement input validation that detects and rejects ZIP entries containing path traversal characters before extraction, following best practices for mitigating CWE\u201122."], "summary": {"action": "Apply Patch", "impact": "Arbitrary File Overwrite"}, "threat_synthesis": {"affected_systems": "The affected product is dgtlmoon's changedetection.io, an open\u2011source web page change detection service. All releases prior to version\u00a00.54.4 are vulnerable. The security advisory indicates that patching to version\u00a00.54.4 or later resolves the issue.", "description_and_impact": "A zip slip flaw in the backup restore function of changedetection.io enables an attacker to craft a ZIP archive that extracts files to arbitrary locations on the server, resulting in overwriting existing files. The vulnerability is associated with CWE\u201122 path traversal. Based on the description, it is inferred that overwriting executable or configuration files could lead to remote code execution or disruption of service, although the CVE does not explicitly state these outcomes.", "risk_and_exploitability": "The CVSS score of 8.8 classifies the flaw as high severity, and the EPSS score of less than 1% indicates a low but non\u2011zero probability of exploitation. The risk is highest when the backup restore endpoint is exposed to users without strong authentication or authorization controls. Although the vulnerability is not listed in CISA's KEV catalog, the potential for critical file overwrite warrants swift remediation. The likely attack vector is remote: an attacker uploads a malicious ZIP during a restoration operation and triggers the path traversal when the archive is unpacked."}}}}, "created": "2026-03-06T14:55:31.545266+00:00", "updated": "2026-04-17T12:30:06.234878+00:00", "vendors": ["dgtlmoon", "dgtlmoon$PRODUCT$changedetection.io"]}