CVE-2026-27696 | dgtlmoon changedetection.io up to 0.54.0 URL Validation is_safe_valid_url server-side request forgery (GHSA-3c45-4pj5-ch7m)

A vulnerability, which was classified as critical, was found in dgtlmoon changedetection.io up to 0.54.0. This affects the function is_safe_valid_url of the component URL Validation Handler. Executing a manipulation can lead to server-side request forgery.

The identification of this vulnerability is CVE-2026-27696. The attack may be launched remotely. There is no exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More