Siyuan-Note Siyuan vulnerabilities
61 known vulnerabilities affecting siyuan-note/siyuan.
Total CVEs: 61
CISA KEV: 0
Public exploits: 5
Exploited in wild: 0
Severity breakdown: CRITICAL 20, HIGH 25, MEDIUM 16
Vulnerabilities
Page 1 of 4
CVE-2026-54069 | P2 | CRITICAL | CVSS 9.2 | PoC | fixed in 3.7.0 | 2026-06-24 | CWE-346
SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan Note's kernel HTTP server unconditionally trusts all chrome-extension:// origins, granting RoleAdministrator access to every installed browser extension without any authentication. Combined with the default empty AccessAuthCode on desktop installs, any Chrome/Chro
CVE-2026-33476 | P2 | HIGH | CVSS 7.5 | PoC | fixed in 3.6.2 | 2026-03-20 | CWE-22
SiYuan is a personal knowledge management system. Prior to version 3.6.2, the Siyuan kernel exposes an unauthenticated file-serving endpoint under `/appearance/*filepath`. Due to improper path sanitization, attackers can perform directory traversal and read arbitrary files accessible to the server process. Authentication checks explicitly exclude this e
CVE-2026-34453 | P2 | HIGH | CVSS 7.5 | PoC | fixed in 3.6.2 | 2026-03-31 | CWE-863
SiYuan is a personal knowledge management system. Prior to version 3.6.2, the publish service exposes bookmarked blocks from password-protected documents to unauthenticated visitors. In publish/read-only mode, /api/bookmark/getBookmark filters bookmark results by calling FilterBlocksByPublishAccess(nil, ...). Because the filter treats a nil context as
CVE-2026-30869 | P2 | CRITICAL | CVSS 9.8 | fixed in 3.6.5 | 2026-03-10 | CWE-22
SiYuan is a personal knowledge management system. Prior to 3.5.10, a path traversal vulnerability in the /export endpoint allows an attacker to read arbitrary files from the server filesystem. By exploiting double-encoded traversal sequences, an attacker can access sensitive files such as conf/conf.json, which contains secrets including the API tok
CVE-2026-32767 | P2 | CRITICAL | CVSS 9.8 | fixed in 3.6.1 | 2026-03-20 | CWE-89
SiYuan is a personal knowledge management system. Versions 3.6.0 and below contain an authorization bypass vulnerability in the /api/search/fullTextSearchBlock endpoint. When the method parameter is set to 2, the endpoint passes user-supplied input directly as a raw SQL statement to the underlying SQLite database without any authorization or read-on
CVE-2026-29183 | P3 | MEDIUM | CVSS 6.1 | PoC | fixed in 3.6.1 | 2026-03-06 | CWE-79
SiYuan is a personal knowledge management system. Prior to version 3.5.9, an unauthenticated reflected XSS vulnerability exists in the dynamic icon API endpoint "GET /api/icon/getDynamicIcon": when type=8, attacker-controlled content is embedded into SVG output without escaping. Because the endpoint is unauthenticated and returns image/svg+xml, a craf
CVE-2026-54067 | P2 | CRITICAL | CVSS 9.9 | fixed in 3.7.0 | 2026-06-24 | CWE-79
SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, CSS snippet body containing breaks out of its surrounding tag when renderSnippet() interpolates it via insertAdjacentHTML. A payload like runs arbitrary JavaScript in the renderer. On Electron desktop builds the renderer runs with nodeIntegration:true, so require('child_
CVE-2026-54158 | P2 | CRITICAL | CVSS 9.9 | fixed in 3.7.0 | 2026-06-24 | CWE-79
SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the attribute-view (database) cell renderer genAVValueHTML interpolates cell content raw in four of its branches: text, url, phone, and mAsset. A cell value like or "> breaks out of its surrounding tag and runs arbitrary JavaScript in the renderer when the victim opens t
CVE-2026-34449 | P2 | CRITICAL | CVSS 9.6 | fixed in 3.6.2 | 2026-03-31 | CWE-942
SiYuan is a personal knowledge management system. Prior to version 3.6.2, a malicious website can achieve Remote Code Execution (RCE) on any desktop running SiYuan by exploiting the permissive CORS policy (Access-Control-Allow-Origin: * + Access-Control-Allow-Private-Network: true) to inject a JavaScript snippet via the API. The injected snippet e
CVE-2026-34605 | P3 | MEDIUM | CVSS 6.1 | PoC | versions >= 3.6.0, < 3.6.2 | 2026-03-31 | CWE-79
SiYuan is a personal knowledge management system. From version 3.6.0 to before version 3.6.2, the SanitizeSVG function introduced in version 3.6.0 to fix XSS in the unauthenticated /api/icon/getDynamicIcon endpoint can be bypassed by using namespace-prefixed element names such as . The Go HTML5 parser records the element's tag as "x:script" rather th
CVE-2025-67488 | P3 | HIGH | CVSS 8.8 | versions ≤ 0.0.0-20251202123337-6ef83b42c7ce | 2025-12-09 | CWE-22
SiYuan is self-hosted, open source personal knowledge management software. Versions 0.0.0-20251202123337-6ef83b42c7ce and below contain function importZipMd which is vulnerable to Zip Slip, allowing an authenticated user to overwrite files on the system. An authenticated user with access to the import functionality in notes is able to overwrite any fil
CVE-2024-55660 | P3 | CRITICAL | CVSS 9.8 | fixed in 3.1.16 | 2024-12-12 | CWE-1336
SiYuan is a personal knowledge management system. Prior to version 3.1.16, SiYuan's `/api/template/renderSprig` endpoint is vulnerable to Server-Side Template Injection (SSTI) through the Sprig template engine. Although the engine has limitations, it allows attackers to access environment variables. Version 3.1.16 contains a patch for the issue.
CVE-2025-21609 | P3 | CRITICAL | CVSS 9.1 | version = 3.1.18 | 2025-01-03 | CWE-459
SiYuan is self-hosted, open source personal knowledge management software. SiYuan Note version 3.1.18 has an arbitrary file deletion vulnerability. The vulnerability exists in the `POST /api/history/getDocHistoryContent` endpoint. An attacker can craft a payload to exploit this vulnerability, resulting in the deletion of arbitrary files on the ser
CVE-2026-32751 | P3 | CRITICAL | CVSS 9.0 | fixed in 3.6.1 | 2026-03-19 | CWE-79
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the mobile file tree (MobileFiles.ts) renders notebook names via innerHTML without HTML escaping when processing renamenotebook WebSocket events. The desktop version (Files.ts) properly uses escapeHtml() for the same operation. An authenticated user who can rename noteboo
CVE-2026-33066 | P3 | CRITICAL | CVSS 9.0 | fixed in 3.6.4 | 2026-03-20 | CWE-79
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the backend renderREADME function uses lute.New() without calling SetSanitize(true), allowing raw HTML embedded in Markdown to pass through unmodified. The frontend then assigns the rendered HTML to innerHTML without any additional sanitization. A malicious package autho
CVE-2026-50551 | P3 | CRITICAL | CVSS 9.9 | fixed in 3.7.0 | 2026-06-24 | CWE-79
SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan contains a stored cross-site scripting (XSS) vulnerability in the Attribute View (database) asset cell renderer that escalates to remote code execution (RCE) in the Electron desktop client. This vulnerability is fixed in 3.7.0.
CVE-2026-39846 | P3 | CRITICAL | CVSS 9.0 | fixed in 3.6.4 | 2026-04-07 | CWE-79
SiYuan is a personal knowledge management system. Prior to 3.6.4, a malicious note synced to another user can trigger remote code execution in the SiYuan Electron desktop client. The root cause is that table caption content is stored without safe escaping and later unescaped into rendered HTML, creating a stored XSS sink. Because the desktop render
CVE-2026-29073 | P3 | HIGH | CVSS 8.8 | fixed in 3.6.0 | 2026-03-06 | CWE-89
SiYuan is a personal knowledge management system. Prior to version 3.6.0, the /api/query/sql endpoint lets a user run SQL directly, but it only checks basic auth, not admin rights, so any logged-in user, even a reader, can run any SQL query on the database. This issue has been patched in version 3.6.0.
CVE-2026-32110 | P3 | HIGH | CVSS 8.3 | fixed in 3.6.0 | 2026-03-11 | CWE-918
SiYuan is a personal knowledge management system. Prior to 3.6.0, the /api/network/forwardProxy endpoint allows authenticated users to make arbitrary HTTP requests from the server. The endpoint accepts a user-controlled URL and makes HTTP requests to it, returning the full response body and headers. There is no URL validation to prevent requests to in
CVE-2026-44588 | P3 | CRITICAL | CVSS 9.4 | fixed in 3.7.0 | 2026-05-14 | CWE-79
SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the tooltip mouseover handler in app/src/block/popover.ts reads aria-label via getAttribute and passes it through decodeURIComponent before assigning to messageElement.innerHTML in app/src/dialog/tooltip.ts:41. The encoder used at the producer side, escapeAriaLabel in app/