CVE-2026-29065

UNKNOWN 0.0

changedetection.io: Zip Slip vulnerability in the backup restore functionality

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, a Zip Slip vulnerability in the backup restore functionality allows arbitrary file overwrite via path traversal in uploaded ZIP archives. This issue has been patched in version 0.54.4.

CWE	CWE-22
Vendor	dgtlmoon
Product	changedetection.io
Published	Mar 6, 2026
Last Updated	Mar 9, 2026

Stay Ahead of the Next One

Get instant alerts for dgtlmoon changedetection.io

Be the first to know when new unknown vulnerabilities affecting dgtlmoon changedetection.io are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

dgtlmoon / changedetection.io

< 0.54.4

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-25g8-2mcf-fcx9 github.com: https://github.com/dgtlmoon/changedetection.io/commit/1d7d812eb0faab37042246e2fbce04f29bb1b3aa github.com: https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.4