Github.Com Siyuan-Note Siyuan Kernel vulnerabilities
47 known vulnerabilities affecting github.com/siyuan-note_siyuan_kernel.
Total CVEs: 47
CISA KEV: 0
Public exploits: 6
Exploited in wild: 0
Severity breakdown: CRITICAL 12, HIGH 20, MEDIUM 14, LOW 1
Vulnerabilities
Page 1 of 3
CVE-2026-33476 · P2 · HIGH · PoC · affected: ≥ 0, ≤ 0.0.0-20260317012524-fe4523fff2c8 · date: 2026-03-20
CVE-2026-33476 [HIGH] CWE-22 Siyuan has an Unauthenticated Arbitrary File Read via Path Traversal
## Summary
The Siyuan kernel exposes an unauthenticated file-serving endpoint under **/appearance/*filepath.**
Due to improper path sanitization, attackers can perform directory traversal and read arbitrary files accessible to the server process.
Authentication checks explicitly exclude this endpoint, allowing exploitation witho
Sources: ghsa, osv
CVE-2026-34453 · P2 · HIGH · PoC · affected: ≥ 0, < 3.6.2 · date: 2026-03-31
CVE-2026-34453 [HIGH] CWE-863 SiYuan: Unauthenticated Access to Password-Protected Bookmarks via /api/bookmark/getBookmark
### Summary
The publish service exposes bookmarked blocks from password-protected documents to unauthenticated visitors. In publish/read-only mode, `/api/bookmark/getBookmark` filters bookmark results by calling `FilterBlocksByPublishAccess(nil, ...)`. Because the filter treats a `n
Sources: ghsa, osv
CVE-2026-30869 · P2 · CRITICAL · CVSS 9.8 · affected: ≥ 0, < 3.6.5 · date: 2026-04-22
CVE-2026-30869 [CRITICAL] CWE-22 SiYuan: Path Traversal via Double URL Encoding in `/export/` Endpoint (Incomplete Fix Bypass for CVE-2026-30869)
### Summary
The fix for CVE-2026-30869 in SiYuan v3.5.10 only added a denylist check (`IsSensitivePath`) but did not address the root cause — a redundant `url.PathUnescape()` call in `serveExport()`. An authenticated attacker can use double
Sources: ghsa, osv
CVE-2026-31809 · P3 · MEDIUM · CVSS 6.1 · PoC · affected: ≥ 0, < 0.0.0-20260310025236-297bd526708f · date: 2026-03-10
CVE-2026-31809 [MEDIUM] CWE-79 SiYuan has a SVG Sanitizer Bypass via Whitespace in `javascript:` URI — Unauthenticated XSS
# SVG Sanitizer Bypass via Whitespace in `javascript:` URI — Unauthenticated XSS
## Summary
SiYuan's SVG sanitizer (`SanitizeSVG`) checks `href` attributes for the `javascript:` prefix using `strings.HasPrefix()`. However, inserting ASCII tab (`\t`), newline (`\n`), or carriage retur
Sources: ghsa, osv
CVE-2026-32767 · P2 · CRITICAL · affected: ≥ 0, ≤ 0.0.0-20260313024916-fd6526133bb3 · date: 2026-03-16
CVE-2026-32767 [CRITICAL] CWE-863 SiYuan: Authorization Bypass Allows Arbitrary SQL Execution via Search API
## Summary
SiYuan Note v3.6.0 (and likely prior versions) contains an authorization bypass vulnerability in the `/api/search/fullTextSearchBlock` endpoint. When the `method` parameter is set to `2`, the endpoint passes user-supplied input directly as a raw SQL statement to the underlying SQLite database without a
Sources: ghsa, osv
CVE-2026-29183 · P3 · CRITICAL · PoC · affected: ≥ 0, < 0.0.0-20260304034809-d68bd5a79391 · date: 2026-03-04
CVE-2026-29183 [CRITICAL] CWE-79 SiYuan: Unauthenticated Reflected XSS via SVG Injection in /api/icon/getDynamicIcon Endpoint
### Summary
An unauthenticated reflected XSS vulnerability exists in the dynamic icon API endpoint:
- `GET /api/icon/getDynamicIcon`
When `type=8`, attacker-controlled `content` is embedded into SVG output without escaping. Because the endpoint is unauthenticated and returns `i
Sources: ghsa, osv
CVE-2026-31807 · P3 · MEDIUM · CVSS 6.1 · PoC · affected: ≥ 0, < 0.0.0-20260310025236-297bd526708f · date: 2026-03-10
CVE-2026-31807 [MEDIUM] CWE-79 SiYuan has a SVG Sanitizer Bypass via `<animate>` Element — Unauthenticated XSS
# SVG Sanitizer Bypass via `<animate>` Element — Unauthenticated XSS
## Summary
SiYuan's SVG sanitizer (`SanitizeSVG`) blocks dangerous elements (``, ``, ``) and removes `on*` event handlers and `javascript:` in `href` attributes. However, it does NOT block SVG animation elements (``, ``) which can dynamically set attribut
Sources: ghsa, osv
CVE-2026-34449 · P2 · CRITICAL · affected: ≥ 0, < 3.6.2 · date: 2026-03-31
CVE-2026-34449 [CRITICAL] CWE-942 SiYuan is Vulnerable to Cross-Origin RCE via Permissive CORS Policy and JavaScript Snippet Injection
### Summary
A malicious website can achieve Remote Code Execution (RCE) on any desktop running SiYuan by exploiting the permissive CORS policy (`Access-Control-Allow-Origin: *` + `Access-Control-Allow-Private-Network: true`) to inject a JavaScript snippet via th
Sources: ghsa, osv
CVE-2026-34605 · P3 · HIGH · PoC · affected: ≥ 0, < 0.0.0-20260330031106-f09953afc57a · date: 2026-04-01
CVE-2026-34605 [HIGH] CWE-79 SiYuan vulnerable to reflected XSS via SVG namespace prefix bypass in SanitizeSVG (getDynamicIcon, unauthenticated)
### Summary
The `SanitizeSVG` function introduced in v3.6.0 to fix XSS in the unauthenticated `/api/icon/getDynamicIcon` endpoint can be bypassed by using namespace-prefixed element names such as ``. The Go HTML5 parser records the eleme
Sources: ghsa, osv
CVE-2026-33066 · P3 · MEDIUM · CVSS 5.3 · affected: ≥ 0, < 0.0.0-20260414013942-62eed37a3263 · date: 2026-04-14
CVE-2026-33066 [MEDIUM] CWE-79 SiYuan has incomplete fix for CVE-2026-33066: XSS
### Summary
The incomplete fix for SiYuan's bazaar README rendering enables the Lute HTML sanitizer but fails to block `` tags, allowing stored XSS via `srcdoc` attributes containing embedded scripts that execute in the Electron context.
### Affected Package
- **Ecosystem:** Go
- **Package:** github.com/siyuan-note/siyuan
- **Affected versions:** = commit b382f50
Sources: ghsa, osv
CVE-2025-67488 · P3 · HIGH · affected: ≥ 0, ≤ 0.0.0-20251202123337-6ef83b42c7ce · date: 2025-12-09
CVE-2025-67488 [HIGH] CWE-22 SiYuan: ZipSlip -> Arbitrary File Overwrite -> RCE
### Summary
Function [**importZipMd**](https://github.com/siyuan-note/siyuan/blob/dae6158860cc704e353454565c96e874278c6f47/kernel/api/import.go#L190) is vulnerable to **ZipSlip** which allows an authenticated user to overwrite files on the system.
### Details
An authenticated user with access to the import functionality in notes is able to overwrite any file on the
Sources: ghsa, osv
CVE-2026-44588 · P3 · HIGH · CVSS 8.2 · affected: ≥ 0, ≤ 0.0.0-20260421031503-96dfe0bea474 · date: 2026-05-08
CVE-2026-44588 [HIGH] CWE-116 SiYuan: Electron Renderer RCE via decodeURIComponent-driven tooltip XSS in aria-label sink (incomplete fix for CVE-2026-34585)
## Summary
The tooltip mouseover handler in `app/src/block/popover.ts` reads `aria-label` via `getAttribute` and passes it through `decodeURIComponent` before assigning to `messageElement.innerHTML` in `app/src/dia
Sources: ghsa
CVE-2024-55660 · P3 · MEDIUM · affected: ≥ 0, ≤ 0.0.0-20241210012039-5129ad926a21 · date: 2024-12-11
CVE-2024-55660 [MEDIUM] CWE-1336 SiYuan has an SSTI via /api/template/renderSprig
### Summary
Siyuan's /api/template/renderSprig endpoint is vulnerable to Server-Side Template Injection (SSTI) through the Sprig template engine. Although the engine has limitations, it allows attackers to access environment variables
### Impact
Information leakage
Sources: ghsa, osv
CVE-2026-32751 · P3 · MEDIUM · affected: ≥ 0, ≤ 0.0.0-20260313024916-fd6526133bb3 · date: 2026-03-16
CVE-2026-32751 [MEDIUM] CWE-79 SiYuan Vulnerable to Remote Code Execution via Stored XSS in Notebook Name - Mobile Interface
# Remote Code Execution via Stored XSS in Notebook Name - Mobile Interface
## Summary
SiYuan's mobile file tree (`MobileFiles.ts`) renders notebook names via `innerHTML` without HTML escaping when processing `renamenotebook` WebSocket events. The desktop version (`Files.ts`) pr
Sources: ghsa, osv
CVE-2026-39846 · P3 · CRITICAL · affected: ≥ 0, < 0.0.0-20260407035653-2f416e5253f1 · date: 2026-04-08
CVE-2026-39846 [CRITICAL] CWE-79 SiYuan: Remote Code Execution in the Electron desktop client via stored XSS in synced table captions
### Summary
A malicious note synced to another user can trigger remote code execution in the SiYuan Electron desktop client. The root cause is that table caption content is stored without safe escaping and later unescaped into rendered HTML, creating a stored XSS
Sources: ghsa, osv
CVE-2026-29073 · P3 · MEDIUM · affected: ≥ 0, ≤ 0.0.0-20260113130602-4ba64580c29c · date: 2026-03-03
CVE-2026-29073 [MEDIUM] CWE-862 SiYuan's direct SQL Query API accessible to Reader-level users enables unauthorized database access
### Summary
/api/query/sql allows users to run SQL directly, but it only checks basic auth, not admin rights, so any logged-in user, even a reader, can run any SQL query on the database.
### Details
The vulnerable endpoint is in kernel/api/sql.go
```go
func SQL(c *gin
```
Sources: ghsa, osv
CVE-2026-32110 · P3 · HIGH · affected: ≥ 0, < 3.6.0 · date: 2026-03-12
CVE-2026-32110 [HIGH] CWE-918 SiYuan has a Full-Read SSRF via /api/network/forwardProxy
### Summary
The `/api/network/forwardProxy` endpoint allows authenticated users to make arbitrary HTTP requests from the server. The endpoint accepts a user-controlled URL and makes HTTP requests to it, returning the full response body and headers. There is no URL validation to prevent requests to internal networks, localhost, or cloud metadata servic
Sources: ghsa, osv
CVE-2026-40318 · P3 · HIGH · affected: ≥ 0, < 3.6.4, 0.0.0-20260407035653-2f416e5253f1 · date: 2026-04-10
CVE-2026-40318 [HIGH] CWE-24 SiYuan: Publish Reader Path Traversal Delete via `removeUnusedAttributeView`
## Summary
The endpoint `/api/av/removeUnusedAttributeView` is vulnerable to a **path traversal (CWE-22)** that allows an attacker to delete arbitrary `.json` files on the server.
The issue arises because user-controlled input (`id`) is directly used in filesystem path construction without validation or restricti
Sources: ghsa
CVE-2026-33067 · P3 · MEDIUM · affected: ≥ 0, < 0.0.0-20260317012524-fe4523fff2c8 · date: 2026-03-18
CVE-2026-33067 [MEDIUM] CWE-79 SiYuan has Stored XSS to RCE via Unsanitized Bazaar Package Metadata
# Stored XSS to RCE via Unsanitized Bazaar Package Metadata
## Summary
SiYuan's Bazaar (community marketplace) renders package metadata fields (`displayName`, `description`) using template literals without HTML escaping. A malicious package author can inject arbitrary HTML/JavaScript into these fields, which executes automatic
Sources: ghsa, osv
CVE-2026-32749 · P3 · HIGH · affected: ≥ 0, ≤ 0.0.0-20260313024916-fd6526133bb3 · date: 2026-03-16
CVE-2026-32749 [HIGH] CWE-22 SiYuan importSY/importZipMd: path traversal via multipart filename enables arbitrary file write
### Summary
POST /api/import/importSY and POST /api/import/importZipMd write uploaded archives to a path derived from the multipart filename field without sanitization, allowing an admin to write files to arbitrary locations outside the temp directory - including system paths t
Sources: ghsa, osv