cvebase

Siyuan-Note Siyuan vulnerabilities

61 known vulnerabilities affecting siyuan-note/siyuan.

Total CVEs: 61
CISA KEV: 0
Public exploits: 5
Exploited in wild: 0
Severity breakdown: CRITICAL 20, HIGH 25, MEDIUM 16

Vulnerabilities

Page 2 of 4
CVE-2026-40318 | P3 | HIGH | CVSS 8.5 | fixed in 3.6.4 | 2026-04-16
CVE-2026-40318 [HIGH] CWE-24: SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and prior, the /api/av/removeUnusedAttributeView endpoint constructs a filesystem path using the user-controlled id parameter without validation or path boundary enforcement. An attacker can inject path traversal sequences such as ../ into the id value to escape the intend
Source: nvd
CVE-2026-23852 | P3 | CRITICAL | CVSS 9.6 | fixed in 3.5.4 | 2026-01-19
CVE-2026-23852 [CRITICAL] CWE-94: SiYuan is a personal knowledge management system. Versions prior to 3.5.4 have a stored Cross-Site Scripting (XSS) vulnerability that allows an attacker to inject arbitrary HTML attributes into the `icon` attribute of a block via the `/api/attr/setBlockAttrs` API. The payload is later rendered in the dynamic icon feature in an unsanitized context,
Source: nvd
CVE-2026-32749 | P3 | CRITICAL | CVSS 9.1 | fixed in 3.6.1 | 2026-03-19
CVE-2026-32749 [CRITICAL] CWE-22: SiYuan is a personal knowledge management system. In versions 3.6.0 and below, POST /api/import/importSY and POST /api/import/importZipMd write uploaded archives to a path derived from the multipart filename field without sanitization, allowing an admin to write files to arbitrary locations outside the temp directory - including system paths that e
Source: nvd
CVE-2026-33067 | P3 | CRITICAL | CVSS 9.0 | fixed in 3.6.1 | 2026-03-20
CVE-2026-33067 [CRITICAL] CWE-79: SiYuan is a personal knowledge management system. Versions 3.6.0 and below render package metadata fields (displayName, description) using template literals without HTML escaping. A malicious package author can inject arbitrary HTML/JavaScript into these fields, which executes automatically when any user browses the Bazaar page. Because SiYuan's El
Source: nvd
CVE-2026-54759 | P3 | HIGH | CVSS 8.7 | fixed in 3.7.0 | 2026-06-24
CVE-2026-54759 [HIGH] CWE-79: SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, Lute's HTML sanitizer does not remove elements. Combined with the SiYuan Electron client's permissive security configuration, an attacker can include a malicious in a Bazaar package README that executes arbitrary commands on the victim's machine when the package details are
Source: nvd
CVE-2026-34448 | P3 | CRITICAL | CVSS 9.0 | fixed in 3.6.2 | 2026-03-31
CVE-2026-34448 [CRITICAL] CWE-79: SiYuan is a personal knowledge management system. Prior to version 3.6.2, an attacker who can place a malicious URL in an Attribute View mAsse field can trigger stored XSS when a victim opens the Gallery or Kanban view with "Cover From -> Asset Field" enabled. The vulnerable code accepts arbitrary http(s) URLs without extensions as images, stores th
Source: nvd
CVE-2026-40259 | P3 | HIGH | CVSS 8.1 | fixed in 0.0.0-20260407035653-2f416e5253f1 | fixed in 3.6.4 | 2026-04-16
CVE-2026-40259 [HIGH] CWE-285: SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and below, the /api/av/removeUnusedAttributeView endpoint is protected only by generic authentication that accepts publish-service RoleReader tokens. The handler passes a caller-controlled id directly to a model function that unconditionally deletes the corresponding attr
Source: nvd
CVE-2026-25539 | P3 | HIGH | CVSS 7.2 | fixed in 3.5.5 | 2026-02-04
CVE-2026-25539 [HIGH] CWE-22: SiYuan is a personal knowledge management system. Prior to version 3.5.5, the /api/file/copyFile endpoint does not validate the dest parameter, allowing authenticated users to write files to arbitrary locations on the filesystem. This can lead to Remote Code Execution (RCE) by writing to sensitive locations such as cron jobs, SSH authorized_keys, or sh
Source: nvd
CVE-2026-44670 | P3 | CRITICAL | CVSS 9.4 | fixed in 3.7.0 | 2026-05-14
CVE-2026-44670 [CRITICAL] CWE-79: SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the kernel stores Attribute View (AV / database) names without any HTML escape, then a render template uses raw strings.ReplaceAll(tpl, "${avName}", nodeAvName) to embed the name in HTML before pushing to all clients via WebSocket. Three independent client paths (render.
Source: nvd
CVE-2026-45375 | P3 | CRITICAL | CVSS 9.0 | fixed in 3.7.0 | 2026-05-14
CVE-2026-45375 [CRITICAL] CWE-79: SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan's Bazaar (community marketplace) renders the name and version fields of a package's plugin.json (and the equivalent theme.json / template.json / widget.json / icon.json) into the Settings → Marketplace UI without HTML escaping. The kernel-side helper sanitizePacka
Source: nvd
CVE-2026-33670 | P3 | HIGH | CVSS 7.5 | fixed in 3.6.2 | 2026-03-26
CVE-2026-33670 [HIGH] CWE-22: SiYuan is a personal knowledge management system. Prior to version 3.6.2, the /api/file/readDir interface was used to traverse and retrieve the file names of all documents under a notebook. Version 3.6.2 patches the issue.
Source: nvd
CVE-2026-23850 | P3 | HIGH | CVSS 7.5 | fixed in 3.5.4 | 2026-01-19
CVE-2026-23850 [HIGH] CWE-22: SiYuan is a personal knowledge management system. In versions prior to 3.5.4, the markdown feature allows unrestricted server-side HTML rendering, which allows arbitrary file read (LFD). Version 3.5.4 fixes the issue.
Source: nvd
CVE-2026-40322 | P3 | CRITICAL | CVSS 9.0 | fixed in 3.6.4 | 2026-04-16
CVE-2026-40322 [CRITICAL] CWE-79: SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and below, Mermaid diagrams are rendered with securityLevel set to "loose", and the resulting SVG is injected into the DOM via innerHTML. This allows attacker-controlled javascript: URLs in Mermaid code blocks to survive into the rendered output. On desktop builds using
Source: nvd
CVE-2024-55658 | P3 | HIGH | CVSS 7.5 | fixed in 3.1.16 | 2024-12-12
CVE-2024-55658 [HIGH] CWE-22: SiYuan is a personal knowledge management system. Prior to version 3.1.16, SiYuan's /api/export/exportResources endpoint is vulnerable to arbitrary file read via path traversal. It is possible to manipulate the paths parameter to access and download arbitrary files from the host system by traversing the workspace directory structure. Version 3.1.16 cont
Source: nvd
CVE-2026-33669 | P3 | HIGH | CVSS 7.5 | fixed in 3.6.2 | 2026-03-26
CVE-2026-33669 [HIGH] CWE-125: SiYuan is a personal knowledge management system. Prior to version 3.6.2, document IDs were retrieved via the /api/file/readDir interface, and then the /api/block/getChildBlocks interface was used to view the content of all documents. Version 3.6.2 patches the issue.
Source: nvd
CVE-2026-25992 | P3 | HIGH | CVSS 7.5 | fixed in 3.5.5 | 2026-02-10
CVE-2026-25992 [HIGH] CWE-22: SiYuan is a personal knowledge management system. Prior to 3.5.5, the /api/file/getFile endpoint uses case-sensitive string equality checks to block access to sensitive files. On case-insensitive file systems such as Windows, attackers can bypass restrictions using mixed-case paths and read protected configuration files. This vulnerability is fixed in
Source: nvd
CVE-2026-41421 | P3 | HIGH | CVSS 8.8 | fixed in 3.6.5 | 2026-04-24
CVE-2026-41421 [HIGH] CWE-78: SiYuan is an open-source personal knowledge management system. Prior to 3.6.5, SiYuan desktop renders notification messages as raw HTML inside an Electron renderer. The notification route POST /api/notification/pushMsg accepts a user-controlled msg value, forwards it through the backend broadcast layer, and the frontend inserts it into the DOM with ins
Source: nvd
CVE-2025-68948 | P3 | HIGH | CVSS 8.1 | ≤ 3.5.1 | 2025-12-27
CVE-2025-68948 [HIGH] CWE-321: SiYuan is self-hosted, open source personal knowledge management software. In versions 3.5.1 and prior, the SiYuan Note application utilizes a hardcoded cryptographic secret for its session store. This unsafe practice renders the session encryption ineffective. Since the sensitive AccessAuthCode is stored within the session cookie, an attacker who int
Source: nvd
CVE-2024-55657 | P3 | HIGH | CVSS 7.5 | fixed in 3.1.16 | 2024-12-12
CVE-2024-55657 [HIGH] CWE-22: SiYuan is a personal knowledge management system. Prior to version 3.1.16, an arbitrary file read vulnerability exists in Siyuan's `/api/template/render` endpoint. The absence of proper validation on the path parameter allows attackers to access sensitive files on the host system. Version 3.1.16 contains a patch for the issue.
Source: nvd
CVE-2026-33203 | P3 | HIGH | CVSS 7.5 | fixed in 3.6.2 | 2026-03-20
CVE-2026-33203 [HIGH] CWE-248: SiYuan is a personal knowledge management system. Prior to version 3.6.2, the SiYuan kernel WebSocket server accepts unauthenticated connections when a specific "auth keepalive" query parameter is present. After connection, incoming messages are parsed using unchecked type assertions on attacker-controlled JSON. A remote attacker can send malformed me
Source: nvd