CVE-2026-35000 | dgtlmoon changedetection.io up to 0.54.6 SafeXPath3Parser json-doc incomplete blacklist

A vulnerability has been found in dgtlmoon changedetection.io up to 0.54.6 and classified as critical. Affected is the function json-doc of the component SafeXPath3Parser. The manipulation leads to incomplete blacklist.

This vulnerability is traded as CVE-2026-35000. It is possible to initiate the attack remotely. There is no exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More