What is the CVSS score of CVE-2026-27696?

CVE-2026-27696 has a CVSS 3.1 base score of 8.6 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N. EPSS exploitation probability: 0.0%.

Which versions of Changedetection are affected by CVE-2026-27696?

CVE-2026-27696 affects changedetection.io, a web monitoring tool, with HIGH severity (CVSS 8.6) and active public exploits available.. A patch is available.

Is there a public PoC exploit available for CVE-2026-27696?

Yes, a public proof-of-concept exploit is available for CVE-2026-27696. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate CVE-2026-27696?

Within 24 hours: Identify all changedetection.io instances in your environment and assess current version/patch status. Within 7 days: Apply the available vendor patch to all identified instances and validate successful deployment. Within 30 days: Conduct post-patch security testing and update asset inventory to reflect patched status.

Changedetection CVE-2026-27696

HIGH

Server-Side Request Forgery (SSRF) (CWE-918)

2026-02-25 security-advisories@github.com

GHSA-3c45-4pj5-ch7m

SSRF Changedetection

8.6

CVSS 3.1 · GitHub Advisory

Severity by source

GitHub Advisory PRIMARY

8.6 HIGH

AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

None

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

PoC Detected

Feb 26, 2026 - 15:34 vuln.today

Public exploit code

Patch released

Feb 26, 2026 - 15:34 nvd

Patch available

CVE Published

Feb 25, 2026 - 05:17 nvd

HIGH 8.6

DescriptionGitHub Advisory

changedetection.io is a free open source web page change detection tool. In versions prior to 0.54.1, changedetection.io is vulnerable to Server-Side Request Forgery (SSRF) because the URL validation function is_safe_valid_url() does not validate the resolved IP address of watch URLs against private, loopback, or link-local address ranges. An authenticated user (or any user when no password is configured, which is the default) can add a watch for internal network URLs. The application fetches these URLs server-side, stores the response content, and makes it viewable through the web UI - enabling full data exfiltration from internal services. Version 0.54.1 contains a fix for the issue.

AnalysisAI

changedetection.io is a free open source web page change detection tool. [CVSS 8.6 HIGH]

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Add watch URL with internal IP address

Exploit

Application resolves domain to private IP

Execution

Server fetches internal resource

Impact

Response content stored and exposed via web UI

Access

Add watch URL with internal IP address

Exploit

Application resolves domain to private IP

Execution

Server fetches internal resource

Impact

Response content stored and exposed via web UI

Vulnerability AssessmentAI

Exploitation	changedetection.io versions prior to 0.54.1 with default configuration (no password protection). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	CVSS 8.6 (HIGH). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	A remote attacker (requires authentication) could exploit this vulnerability to compromise the affected system.
Remediation	A vendor patch is available — apply it immediately. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all changedetection.io instances in your environment and assess current version/patch status. …

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-27696 vulnerability details – vuln.today

Back

Changedetection CVE-2026-27696

Severity by source

CVSS VectorGitHub Advisory

Lifecycle Timeline

DescriptionGitHub Advisory

AnalysisAI

Unlock full vulnerability intelligence

Attack ChainAIDerived

Vulnerability AssessmentAI

Recommended ActionAI

Share

External POC / Exploit Code