CVE-2026-35000 Overview
CVE-2026-35000 is a protection bypass vulnerability in ChangeDetection.io versions prior to 0.54.7 that allows attackers to read arbitrary local files. The vulnerability exists in the SafeXPath3Parser implementation, which fails to properly block dangerous XPath 3.0/3.1 functions such as json-doc() and similar file-access primitives. By exploiting the incomplete blocklist of dangerous XPath functions, attackers can access sensitive data from the local filesystem.
Critical Impact
Attackers with authenticated access can leverage unblocked XPath functions to read sensitive files from the server, potentially exposing configuration files, credentials, and other critical data.
Affected Products
- ChangeDetection.io versions prior to 0.54.7
Discovery Timeline
- 2026-04-01 - CVE CVE-2026-35000 published to NVD
- 2026-04-01 - Last updated in NVD database
Technical Details for CVE-2026-35000
Vulnerability Analysis
This vulnerability is classified under CWE-184 (Incomplete List of Disallowed Inputs), which occurs when a security mechanism relies on a blocklist that fails to enumerate all dangerous inputs. The SafeXPath3Parser in ChangeDetection.io was designed to prevent users from executing potentially harmful XPath functions that could access the filesystem or environment variables. However, the implementation contained an incomplete blocklist that omitted several dangerous XPath 3.0/3.1 functions.
The vulnerability allows network-based attackers with low-privilege access to exploit the incomplete function blocklist without requiring any user interaction. The primary impact is a high confidentiality breach, enabling unauthorized access to sensitive file contents on the host system.
Root Cause
The root cause of this vulnerability is an incomplete blocklist in the SafeXPath3Parser implementation. While the parser blocked known dangerous functions like doc(), unparsed-text(), and environment-variable(), it failed to include newer XPath 3.0/3.1 functions that provide similar file-access capabilities. Specifically, functions such as json-doc(), json-doc-available(), collection(), uri-collection(), transform(), and load-xquery-module() were not included in the original blocklist, allowing attackers to bypass the security controls.
Attack Vector
An attacker can exploit this vulnerability by crafting malicious XPath expressions that use the unblocked functions to read arbitrary files from the local filesystem. The attack is network-accessible and requires only low-privilege access to the ChangeDetection.io application. By using functions like json-doc() with a file URI pointing to a local file, attackers can retrieve the contents of sensitive files such as /etc/passwd, application configuration files, or any other files readable by the application process.
# Security patch adding missing XPath function blocks
# Source: https://github.com/dgtlmoon/changedetection.io/commit/dadc804567a51f803cd6715f7885c11a247915f6
'unparsed-text-available',
'doc',
'doc-available',
+ 'json-doc',
+ 'json-doc-available',
+ 'collection', # XPath 2.0+: loads XML node collections from arbitrary URIs
+ 'uri-collection', # XPath 3.0+: enumerates URIs from resource collections
+ 'transform', # XPath 3.1: XSLT transformation (currently raises, block proactively)
+ 'load-xquery-module', # XPath 3.1: loads XQuery modules (currently raises, block proactively)
'environment-variable',
'available-environment-variables',
]
Source: GitHub Commit Update
Detection Methods for CVE-2026-35000
Indicators of Compromise
- XPath queries containing json-doc(), json-doc-available(), collection(), uri-collection(), transform(), or load-xquery-module() functions in application logs
- Unusual file access patterns from the ChangeDetection.io process, particularly reads of sensitive system files
- Application error messages indicating XPath parsing failures or file access attempts
Detection Strategies
- Implement application-layer monitoring to detect XPath expressions containing potentially dangerous function calls
- Review application logs for any XPath expressions attempting to access file:// URIs or local filesystem paths
- Deploy file integrity monitoring on sensitive configuration files to detect unauthorized read attempts
Monitoring Recommendations
- Enable verbose logging for XPath query processing in ChangeDetection.io
- Monitor network traffic for unusual data exfiltration patterns that may indicate successful file reads
- Implement alerting for any XPath-related error messages that reference blocked functions
How to Mitigate CVE-2026-35000
Immediate Actions Required
- Upgrade ChangeDetection.io to version 0.54.7 or later immediately
- Review application logs for any evidence of exploitation attempts using the vulnerable XPath functions
- Audit any XPath expressions stored in the application for potentially malicious content
Patch Information
The vulnerability has been addressed in ChangeDetection.io version 0.54.7. The fix expands the blocklist in SafeXPath3Parser to include the previously unblocked XPath 3.0/3.1 functions. Users should update to this version or later by pulling the latest release from the official repository. For detailed information, refer to the GitHub Release 0.54.7 and the VulnCheck Security Advisory.
Workarounds
- If immediate patching is not possible, restrict network access to the ChangeDetection.io application to trusted users only
- Implement a web application firewall (WAF) rule to block XPath expressions containing the dangerous functions: json-doc, collection, uri-collection, transform, load-xquery-module
- Run the ChangeDetection.io application in a containerized environment with limited filesystem access to minimize potential impact
# Example: Restrict container filesystem access with Docker
docker run -d \
--read-only \
--tmpfs /tmp \
-v /app/data:/datastore:rw \
--security-opt=no-new-privileges \
dgtlmoon/changedetection.io:0.54.7
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
