CVE-2026-25539
published 2026-02-04


Priority: P3 51
Severity: high (CVSS 3.1 base score 7.2)
CVSS 3.1 vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.02% (59.0th percentile)
SiYuan is a personal knowledge management system. Prior to version 3.5.5, the /api/file/copyFile endpoint does not validate the dest parameter, allowing authenticated users to write files to arbitrary locations on the filesystem. This can lead to Remote Code Execution (RCE) by writing to sensitive locations such as cron jobs, SSH authorized_keys, or shell configuration files. This issue has been patched in version 3.5.5.

Affected (3 ranges)

Vendor        Product                     Version range                                 Fixed in
b3log         siyuan                      <= 3.5.3                                      (not listed)
github.com    siyuan-note_siyuan_kernel   0 – 0.0.0-20260126094835-d5d10dd41b0c         (not listed)
siyuan-note   siyuan                      < 3.5.5                                       3.5.5