CVE-2026-29183
Published 2026-03-06
Priority: P342 · Severity: medium · CVSS 3.1 base score: 6.1
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Exploit likelihood (EPSS): 0.63%, 45.4th percentile
SiYuan is a personal knowledge management system. Prior to version 3.5.9, an unauthenticated reflected XSS vulnerability exists in the dynamic icon API endpoint "GET /api/icon/getDynamicIcon": when type=8, attacker-controlled content is embedded into SVG output without escaping. Because the endpoint is unauthenticated and returns image/svg+xml, a crafted URL can inject executable SVG/HTML event handlers (for example onerror) and run JavaScript in the SiYuan web origin. This can be chained to perform authenticated API actions and exfiltrate sensitive data when a logged-in user opens the malicious link. This issue has been patched in version 3.5.9.
Affected (6 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| b3log | siyuan | < 3.5.9 | 3.5.9 |
| b3log | siyuan | < 3.5.10 | 3.5.10 |
| github.com | siyuan-note_siyuan | 0 – 0.0.0-20260313024916-fd6526133bb3 | — |
| github.com | siyuan-note_siyuan_kernel | >= 0 < 0.0.0-20260304034809-d68bd5a79391 | 0.0.0-20260304034809-d68bd5a79391 |
| github.com | siyuan-note_siyuan_kernel | >= 0 < 0.0.0-20260310025236-297bd526708f | 0.0.0-20260310025236-297bd526708f |
| siyuan-note | siyuan | < 3.6.1 | 3.6.1 |
CVSS provenance
| Source | Score | Severity | Vector |
|---|---|---|---|
| NVD (CVSS v3.1) | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| GHSA | 6.1 | MEDIUM | |
| OSV | 6.1 | MEDIUM | |
OSV
SiYuan has a SanitizeSVG bypass via data:text/xml in getDynamicIcon (incomplete fix for CVE-2026-29183) in github.com/siyuan-note/siyuan
osv·2026-03-26·CVSS 6.1
CVE-2026-32940 [MEDIUM] SiYuan has a SanitizeSVG bypass via data:text/xml in getDynamicIcon (incomplete fix for CVE-2026-29183) in github.com/siyuan-note/siyuan
OSV
SiYuan has a SanitizeSVG bypass via data:text/xml in getDynamicIcon (incomplete fix for CVE-2026-29183)
osv·2026-03-17·CVSS 6.1
CVE-2026-32940 [MEDIUM] SiYuan has a SanitizeSVG bypass via data:text/xml in getDynamicIcon (incomplete fix for CVE-2026-29183)
# SanitizeSVG bypass via data:text/xml in getDynamicIcon (incomplete fix for CVE-2026-29183)
`SanitizeSVG` blocks `data:text/html` and `data:image/svg+xml` in href attributes but misses `data:text/xml` and `data:application/xml`. Both render SVG with `onload` JavaScript execution (confirmed in Chromium 136, other browsers untested).
`/api/icon/getDynamicIcon` is unauthenticated and serves SVG as `Content-Type: image/svg+xml`. The `content` parameter (type=8) gets embedded into the SVG via `fmt.Sprintf` with no escaping. The sanitizer catches `data:text/html` but `data:text/xml` passes the blocklist -- only three MIME types are checked.
This is a click-through XSS: victim visits the c
GHSA
SiYuan has a SanitizeSVG bypass via data:text/xml in getDynamicIcon (incomplete fix for CVE-2026-29183)
ghsa·2026-03-17·CVSS 6.1
CVE-2026-32940 [MEDIUM] CWE-184 SiYuan has a SanitizeSVG bypass via data:text/xml in getDynamicIcon (incomplete fix for CVE-2026-29183)
GHSA
SiYuan has a SVG Sanitizer Bypass via Whitespace in `javascript:` URI — Unauthenticated XSS
ghsa·2026-03-10·CVSS 6.1
CVE-2026-31809 [MEDIUM] CWE-79 SiYuan has a SVG Sanitizer Bypass via Whitespace in `javascript:` URI — Unauthenticated XSS
# SVG Sanitizer Bypass via Whitespace in `javascript:` URI — Unauthenticated XSS
## Summary
SiYuan's SVG sanitizer (`SanitizeSVG`) checks `href` attributes for the `javascript:` prefix using `strings.HasPrefix()`. However, inserting ASCII tab (`\t`), newline (`\n`), or carriage return (`\r`) characters inside the `javascript:` string bypasses this prefix check. Browsers strip these characters per the WHATWG URL specification before parsing the URL scheme, so the JavaScript still executes. This allows an attacker to inject executable JavaScript into the unauthenticated `/api/icon/getDynamicIcon` endpoint, creating a reflected XSS.
This is a second bypass of the fix for CVE-2026-29183 (fixed in v3.5.
OSV
SiYuan has a SVG Sanitizer Bypass via Whitespace in `javascript:` URI — Unauthenticated XSS
osv·2026-03-10·CVSS 6.1
CVE-2026-31809 [MEDIUM] SiYuan has a SVG Sanitizer Bypass via Whitespace in `javascript:` URI — Unauthenticated XSS
OSV
SiYuan has a SVG Sanitizer Bypass via `<animate>` Element — Unauthenticated XSS
osv·2026-03-10·CVSS 6.1
CVE-2026-31807 [MEDIUM] SiYuan has a SVG Sanitizer Bypass via `<animate>` Element — Unauthenticated XSS
SiYuan has a SVG Sanitizer Bypass via `<animate>` Element — Unauthenticated XSS
# SVG Sanitizer Bypass via `<animate>` Element — Unauthenticated XSS
## Summary
SiYuan's SVG sanitizer (`SanitizeSVG`) blocks dangerous elements and removes `on*` event handlers and `javascript:` in `href` attributes. However, it does NOT block SVG animation elements such as `<animate>`, which can dynamically set attributes to dangerous values at runtime, bypassing the static sanitization. This allows an attacker to inject executable JavaScript into the unauthenticated `/api/icon/getDynamicIcon` endpoint (type=8), creating a reflected XSS.
This is a bypass of the fix for CVE-2026-29183 (fixed in v3.5.9).
## Affected Component
- **File:** `kernel/util/misc.go`
- **Function:** `SanitizeSVG()` (lines 234-319)
- **Endpoint:**
GHSA
SiYuan has a SVG Sanitizer Bypass via `<animate>` Element — Unauthenticated XSS
ghsa·2026-03-10·CVSS 6.1
CVE-2026-31807 [MEDIUM] CWE-79 SiYuan has a SVG Sanitizer Bypass via `<animate>` Element — Unauthenticated XSS
OSV
SiYuan: Unauthenticated Reflected XSS via SVG Injection in /api/icon/getDynamicIcon Endpoint in github.com/siyuan-note/siyuan/kernel
osv·2026-03-10
CVE-2026-29183 SiYuan: Unauthenticated Reflected XSS via SVG Injection in /api/icon/getDynamicIcon Endpoint in github.com/siyuan-note/siyuan/kernel
OSV
SiYuan: Unauthenticated Reflected XSS via SVG Injection in /api/icon/getDynamicIcon Endpoint
osv·2026-03-04
CVE-2026-29183 [CRITICAL] SiYuan: Unauthenticated Reflected XSS via SVG Injection in /api/icon/getDynamicIcon Endpoint
### Summary
An unauthenticated reflected XSS vulnerability exists in the dynamic icon API endpoint:
- `GET /api/icon/getDynamicIcon`
When `type=8`, attacker-controlled `content` is embedded into SVG output without escaping. Because the endpoint is unauthenticated and returns `image/svg+xml`, a crafted URL can inject executable SVG/HTML event handlers (for example `onerror`) and run JavaScript in the SiYuan web origin.
This can be chained to perform authenticated API actions and exfiltrate sensitive data when a logged-in user opens the malicious link.
### Details
The issue is caused by unsafe output construction and incomplete sanitization:
1. **Endpoint is exposed without auth middleware**
-
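As an added example (not SiYuan's code and not its `SanitizeSVG`), this shows the two defensive moves the advisories on this page point at: escaping `content` before it is formatted into the SVG, and replacing a prefix blocklist on `href` with browser-style normalization plus a scheme allowlist, so the `data:text/xml` and tab/newline variants are rejected without having to enumerate them. `naiveHrefBlocked` is a simplified stand-in for the blocklist described above and the SVG shape in `renderIcon` is made up for illustration.

```go
package main

import (
	"fmt"
	"html"
	"strings"
)

// naiveHrefBlocked is a simplified stand-in (assumption, not SiYuan's code) for
// the prefix blocklist the advisories describe: an exact "javascript:" prefix
// plus a few data: MIME types. Anything not spelled exactly this way slips past.
func naiveHrefBlocked(href string) bool {
	for _, bad := range []string{"javascript:", "data:text/html", "data:image/svg+xml"} {
		if strings.HasPrefix(href, bad) {
			return true
		}
	}
	return false
}

// hrefAllowed does what the browser does before it reads the scheme (WHATWG URL:
// trim leading/trailing C0 controls and spaces, then drop every ASCII tab, LF and
// CR), and then allowlists the scheme instead of blocklisting bad ones.
func hrefAllowed(href string) bool {
	s := strings.TrimFunc(href, func(r rune) bool { return r <= 0x20 })
	s = strings.NewReplacer("\t", "", "\n", "", "\r", "").Replace(s)
	i := strings.IndexAny(s, ":/?#")
	if i < 0 || s[i] != ':' {
		return true // no scheme: a relative path or a fragment reference
	}
	switch strings.ToLower(s[:i]) {
	case "http", "https":
		return true
	}
	return false // javascript:, data:, vbscript:, anything else
}

// renderIcon is the fix for the root cause: escape untrusted content for an XML
// context before formatting it into the SVG. The SVG shape here is illustrative.
func renderIcon(content string) string {
	return fmt.Sprintf(`<svg xmlns="http://www.w3.org/2000/svg"><text x="0" y="16">%s</text></svg>`,
		html.EscapeString(content))
}

func main() {
	for _, h := range []string{"#icon", "https://example.com/a.png", "data:text/xml,x", "java\tscript:x"} {
		fmt.Printf("%-30q naive blocks=%-5v hardened allows=%v\n", h, naiveHrefBlocked(h), hrefAllowed(h))
	}
	fmt.Println(renderIcon(`<b onerror="x">`))
}
```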
GHSA
SiYuan: Unauthenticated Reflected XSS via SVG Injection in /api/icon/getDynamicIcon Endpoint
ghsa·2026-03-04
CVE-2026-29183 [CRITICAL] CWE-79 SiYuan: Unauthenticated Reflected XSS via SVG Injection in /api/icon/getDynamicIcon Endpoint
No detection rules found.
Nuclei
SiYuan Note - Cross-Site Scripting
nuclei·CVSS 6.1
CVE-2026-29183 [MEDIUM] SiYuan Note - Cross-Site Scripting
Unauthenticated reflected cross-site scripting (XSS) vulnerability in all versions of SiYuan Note containing `/api/icon/getDynamicIcon` with unsafe `type=8` rendering logic. Attacker-controlled `content` is inserted directly into SVG output without proper sanitization. An attacker can execute arbitrary JavaScript in users' browsers when they visit a crafted malicious link.
Template:
```yaml
id: CVE-2026-29183
info:
  name: SiYuan Note - Cross-Site Scripting
  author: ritikchaddha
  severity: medium
  description: |
    Unauthenticated reflected cross-site scripting (XSS) vulnerability in all versions of SiYuan Note containing `/api/icon/getDynamicIcon` with unsafe `type=8` rendering logic. Attacker-controlled `content` is inserted directly into SVG output without proper
```
Wiz
CVE-2026-31807 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 9.3
CVE-2026-31807 [CRITICAL] CVE-2026-31807 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-31807:
Homebrew vulnerability analysis and mitigation
SiYuan is a personal knowledge management system. Prior to 3.5.10, SiYuan's SVG sanitizer (SanitizeSVG) blocks dangerous elements and removes on* event handlers and javascript: in href attributes. However, it does NOT block SVG animation elements such as animate, which can dynamically set attributes to dangerous values at runtime, bypassing the static sanitization. This allows an attacker to inject executable JavaScript into the unauthenticated /api/icon/getDynamicIcon endpoint (type=8), creating a reflected XSS. This is a bypass of the fix for CVE-2026-29183 (fixed in v3.5.9). This vulnerability is fixed in v3.5.10.
Source : NVD
Score: 6.4 · Published March 10, 2026 · Severity MEDIUM · CNA Score 6.4
Affected Technologi
Wiz
CVE-2026-31809 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 9.3
CVE-2026-31809 [CRITICAL] CVE-2026-31809 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-31809:
Homebrew vulnerability analysis and mitigation
SiYuan is a personal knowledge management system. Prior to 3.5.10, SiYuan's SVG sanitizer (SanitizeSVG) checks href attributes for the javascript: prefix using strings.HasPrefix(). However, inserting ASCII tab (0x09), newline (0x0A), or carriage return (0x0D) characters inside the javascript: string bypasses this prefix check. Browsers strip these characters per the WHATWG URL specification before parsing the URL scheme, so the JavaScript still executes. This allows an attacker to inject executable JavaScript into the unauthenticated /api/icon/getDynamicIcon endpoint, creating a reflected XSS. This is a second bypass of the fix for CVE-2026-29183 (fixed in v3.5.9). This vulnerability is fixed in 3.5.10.
Source : NVD
Score: 6.4
Wiz
CVE-2026-29183 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 9.3
CVE-2026-29183 [CRITICAL] CVE-2026-29183 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-29183:
Homebrew vulnerability analysis and mitigation
SiYuan is a personal knowledge management system. Prior to version 3.5.9, an unauthenticated reflected XSS vulnerability exists in the dynamic icon API endpoint "GET /api/icon/getDynamicIcon" when type=8, attacker-controlled content is embedded into SVG output without escaping. Because the endpoint is unauthenticated and returns image/svg+xml, a crafted URL can inject executable SVG/HTML event handlers (for example onerror) and run JavaScript in the SiYuan web origin. This can be chained to perform authenticated API actions and exfiltrate sensitive data when a logged-in user opens the malicious link. This issue has been patched in version 3.5.9.
Source : NVD
Score: 6.1 · Published March 6, 2026 · Severity MEDIUM · CNA