CVE-2026-33981 | dgtlmoon changedetection.io up to 0.54.6 Environment Variable SALTED_PASS/PLAYWRIGHT_DRIVER_URL/HTTP_PROXY information disclosure (GHSA-58r7-4wr5-hfx8)

Inserito da Angelo Barbosa | Mar 27, 2026 | CVE

A vulnerability has been found in dgtlmoon changedetection.io up to 0.54.6 and classified as problematic. The affected element is an unknown function of the component Environment Variable Handler. Performing a manipulation of the argument SALTED_PASS/PLAYWRIGHT_DRIVER_URL/HTTP_PROXY results in information disclosure.

This vulnerability was named CVE-2026-33981. The attack may be initiated remotely. There is no available exploit.

The affected component should be upgraded.

CVE-2026-33981 | dgtlmoon changedetection.io up to 0.54.6 Environment Variable SALTED_PASS/PLAYWRIGHT_DRIVER_URL/HTTP_PROXY information disclosure (GHSA-58r7-4wr5-hfx8)

Post correlati

CVE-2024-53258 | Autolab download_all_submissions exposure of private personal information to an unauthorized actor (1aa4c769)

CVE-2024-6057 | Devolutions Remote Desktop Manager up to 2024.1.31.0 Offline Mode improper authentication (DEVO-2024-0008)

CVE-2024-21937 | AMD Software PRO Edition HIP SDK Installation default permission

CVE-2025-5618 | PHPGurukul Online Fire Reporting System 1.2 /admin/edit-team.php teamid sql injection