CVSS 7.5 HIGH Vulnerability

CVE-2026-41895: changedetection.io project has an XXE vulnerability


• CVSS Score: 7.5
• Severity: HIGH
• CISA KEV: No
• Impact Type: Vulnerability

📋 Vulnerability Details

• CVE ID: CVE-2026-41895
• Vendor: pip
• Affected Product: changedetection.io
• Vulnerability Type: Vulnerability
• CVSS Score: 7.5 (HIGH)
• Actively Exploited: ❌ No known exploitation
• Patch Status: See vendor advisory
• Reported By: CYBERDUDEBIVASH SENTINEL APEX Intelligence (via github_advisories)

🔬 Technical Analysis

changedetection.io_XXE_01 Vulnerability Report: We discovered an XXE vulnerability in the changedetection.io project. While analyzing the code logic, it was determined that an area may lead to unintended behavior under specific conditions. With the project's security in mind, see the analysis results to discern whether this may indicate a potential security risk.

Overview

• SOURCE_VERSION: 0.54.9 (9f3a9fdc18bba404244801e5df8109e213ce9ff4)
• Vulnerability type: XXE
• Finding title: XML XPath helpers parse untrusted XML with entity resolution left to lxml defaults
• Affected location: changedetectionio/html_tools.py:287

Root Cause

xpath_filter() switches to XML mode for XML/RSS content and creates etree.XMLParser(strip_cdata=False) without explicitly disabling external enti
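The following is an added example, not code from changedetection.io. It contrasts an lxml parser configured the way the advisory describes (only `strip_cdata=False` set, so `resolve_entities` stays at lxml's default of True) with one whose entity substitution, external DTD loading and network access are switched off explicitly. The XML document is a constructed sample using an internal entity; the `unresolved_entities()` walk can also serve as a check that a parsed tree from an untrusted feed contains no expanded entities. It requires the `lxml` package.

```python
# Added example (not changedetection.io's code): show what lxml's default
# entity handling does to untrusted XML, and how a hardened XMLParser behaves.
from lxml import etree

# Constructed sample: a feed with an inline DTD declaring an internal entity.
SAMPLE_XML = b"""<?xml version="1.0"?>
<!DOCTYPE feed [ <!ENTITY marker "expanded-by-parser"> ]>
<feed><title>&marker;</title></feed>"""


def default_parser():
    # Matches the advisory's description: only strip_cdata is set, so
    # resolve_entities keeps lxml's default (True) and entities are expanded.
    return etree.XMLParser(strip_cdata=False)


def hardened_parser():
    # Same CDATA handling, but entity substitution, external DTD loading and
    # network access are all disabled explicitly rather than left to defaults.
    return etree.XMLParser(
        strip_cdata=False,
        resolve_entities=False,
        load_dtd=False,
        no_network=True,
    )


def unresolved_entities(root):
    """Return the names of entity references left unexpanded in the tree.

    With resolve_entities=False, lxml keeps each reference as an _Entity
    node instead of substituting its value, so a non-empty result means the
    document carried entity references that the parser refused to expand.
    """
    found = []
    stack = [root]
    while stack:
        node = stack.pop()
        if isinstance(node, etree._Entity):
            found.append(node.name)
        else:
            stack.extend(list(node))
    return found


def title_text(xml_bytes, parser):
    """Parse the sample with the given parser and report the <title> text
    together with any entity references that were not expanded."""
    root = etree.fromstring(xml_bytes, parser=parser)
    return root.find("title").text, unresolved_entities(root)


if __name__ == "__main__":
    print("default :", title_text(SAMPLE_XML, default_parser()))
    print("hardened:", title_text(SAMPLE_XML, hardened_parser()))
```

With the default parser the `<title>` text is the substituted entity value; with the hardened parser the text is `None` and the reference survives as an entity node named `marker`, which is the behaviour a feed-fetching component wants when the XML comes from an arbitrary remote site.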

🎯 Known Indicators of Compromise

{"type":"sha1","value":"9f3a9fdc18bba404244801e5df8109e213ce9ff4","confidence_score":0.9,"first_seen":"2026-05-04","source_count":1}
{"type":"domain","value":"changedetection.io","confidence_score":0.75,"first_seen":"2026-05-04","source_count":1}

📚 Advisory References

