cvebase

Siyuan-Note Siyuan vulnerabilities

61 known vulnerabilities affecting siyuan-note/siyuan.

Total CVEs: 61
CISA KEV: 0
Public exploits: 5
Exploited in wild: 0
Severity breakdown: CRITICAL 20, HIGH 25, MEDIUM 16

Vulnerabilities

Page 3 of 4
CVE-2026-45371 | P3 | HIGH | CVSS 7.2 | fixed in 3.7.0 | 2026-05-14
CWE-285. SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan publish-mode Reader can mutate Conf and SQL index via 8 ungated APIs. POST /api/graph/getGraph, POST /api/graph/getLocalGraph, POST /api/sync/setSyncInterval, POST /api/storage/updateRecentDocViewTime, POST /api/storage/updateRecentDocCloseTime, POST /api/storage/upd
Source: nvd
CVE-2026-32815 | P3 | HIGH | CVSS 7.5 | fixed in 3.6.1 | 2026-03-19
CWE-287. SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the WebSocket endpoint (/ws) allows unauthenticated connections when specific URL parameters are provided (?app=siyuan&id=auth&type=auth). This bypass, intended for the login page to keep the kernel alive, allows any external client — including malicious websites via cross-
Source: nvd
CVE-2026-30926 | P3 | HIGH | CVSS 7.1 | fixed in 3.5.10 | 2026-03-10
CWE-284. SiYuan is a personal knowledge management system. Prior to 3.5.10, a privilege escalation vulnerability exists in the publish service of SiYuan Note that allows low-privilege publish accounts (RoleReader) to modify notebook content via the /api/block/appendHeadingChildren API endpoint. The endpoint requires only the model.CheckAuth role, which accepts
Source: nvd
CVE-2026-34585 | P3 | HIGH | CVSS 8.2 | fixed in 3.6.2 | 2026-03-31
CWE-79. SiYuan is a personal knowledge management system. Prior to version 3.6.2, a vulnerability allows crafted block attribute values to bypass server-side attribute escaping when an HTML entity is mixed with raw special characters. An attacker can embed a malicious IAL value inside a .sy document, package it as a .sy.zip, and have the victim import it throu
Source: nvd
CVE-2026-44586 | P3 | HIGH | CVSS 8.3 | affected >= 2.1.12, < 3.7.0 | 2026-05-14
CWE-79. SiYuan is an open-source personal knowledge management system. From 2.1.12 to before 3.7.0, SiYuan's Bazaar marketplace renders package author metadata from the public bazaar stage feed into HTML without escaping. In the desktop app this becomes stored XSS, and because SiYuan's Electron windows are created with nodeIntegration: true and contextIsolatio
Source: nvd
CVE-2026-41894 | P3 | HIGH | CVSS 7.1 | fixed in 3.7.0 | 2026-04-24
CWE-22. SiYuan is an open-source personal knowledge management system. Prior to 3.6.5, the fix for CVE-2026-30869 only added a denylist check (IsSensitivePath) but did not address the root cause — a redundant url.PathUnescape() call in serveExport(). An authenticated attacker can use double URL encoding (%252e%252e) to traverse directories and read arbitrary w
Source: nvd
CVE-2026-23851 | P3 | MEDIUM | CVSS 6.5 | fixed in 3.5.4 | 2026-01-19
CWE-22. SiYuan is a personal knowledge management system. Versions prior to 3.5.4 contain a logic vulnerability in the /api/file/globalCopyFiles endpoint. The function allows authenticated users to copy files from any location on the server's filesystem into the application's workspace without proper path validation. The vulnerability exists in the api/file.
Source: nvd
CVE-2026-32704 | P3 | MEDIUM | CVSS 6.5 | fixed in 3.6.1 | 2026-03-16
CWE-285. SiYuan is a personal knowledge management system. Prior to 3.6.1, POST /api/template/renderSprig lacks model.CheckAdminRole, allowing any authenticated user to execute arbitrary SQL queries against the SiYuan workspace database and exfiltrate all note content, metadata, and custom attributes. This vulnerability is fixed in 3.6.1.
Source: nvd
CVE-2026-32750 | P3 | MEDIUM | CVSS 6.8 | fixed in 3.6.1 | 2026-03-19
CWE-22. SiYuan is a personal knowledge management system. In versions 3.6.0 and below, POST /api/import/importStdMd passes the localPath parameter directly to model.ImportFromLocalPath with zero path validation. The function recursively reads every file under the given path and permanently stores their content as SiYuan note documents in the workspace databa
Source: nvd
CVE-2026-32938 | P3 | MEDIUM | CVSS 6.5 | fixed in 3.6.1 | 2026-03-20
CWE-22. SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the /api/lute/html2BlockDOM on the desktop copies local files pointed to by file:// links in pasted HTML into the workspace assets directory without validating paths against a sensitive-path list. Together with GET /assets/*path, which only requires authentication, a publi
Source: nvd
CVE-2026-54070 | P3 | HIGH | CVSS 7.1 | fixed in 3.7.0 | 2026-06-24
CWE-79. SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, renderPackageREADME in kernel/bazaar/readme.go renders a Bazaar package README from Markdown to HTML with the lute engine and SetSanitize(true). The lute sanitizer is an event-handler blocklist: allowAttr rejects only attribute names present in a fixed eventAttrs map copied
Source: nvd
CVE-2026-33194 | P3 | MEDIUM | CVSS 6.8 | fixed in 3.6.2 | 2026-03-20
CWE-22. SiYuan is a personal knowledge management system. Prior to version 3.6.2, the `IsSensitivePath()` function in `kernel/util/path.go` uses a denylist approach that was recently expanded (GHSA-h5vh-m7fg-w5h6, commit 9914fd1) but remains incomplete. Multiple security-relevant Linux directories are not blocked, including `/opt` (application data), `/usr`
Source: nvd
CVE-2026-54068 | P3 | MEDIUM | CVSS 5.9 | fixed in 3.7.0 | 2026-06-24
CWE-306. SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the /api/icon/getDynamicIcon endpoint is explicitly excluded from authentication in SiYuan's kernel router (router.go, "不需要鉴权" -- no auth needed). When called with type=8 and a valid block id parameter, this endpoint invokes RenderDynamicIconContentTemplate, which execute
Source: nvd
CVE-2026-40107 | P3 | MEDIUM | CVSS 6.5 | fixed in 3.6.4 | 2026-04-09
CWE-918. SiYuan is a personal knowledge management system. Prior to 3.6.4, SiYuan configures Mermaid.js with securityLevel: "loose" and htmlLabels: true. In this mode, tags with src attributes survive Mermaid's internal DOMPurify and land in SVG blocks. The SVG is injected via innerHTML with no secondary sanitization. When a victim opens a note containing a m
Source: nvd
CVE-2026-32747 | P4 | MEDIUM | CVSS 4.9 | fixed in 3.6.1 | 2026-03-19
CWE-22. SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the globalCopyFiles API reads source files using filepath.Abs() with no workspace boundary check, relying solely on util.IsSensitivePath() whose blocklist omits /proc/, /run/secrets/, and home directory dotfiles. An admin can copy /proc/1/environ or Docker secrets into the
Source: nvd
CVE-2024-55659 | P4 | MEDIUM | CVSS 5.4 | fixed in 3.1.16 | 2024-12-12
CWE-22. SiYuan is a personal knowledge management system. Prior to version 3.1.16, the `/api/asset/upload` endpoint in Siyuan is vulnerable to both arbitrary file write to the host and stored cross-site scripting (via the file write). Version 3.1.16 contains a patch for the issue.
Source: nvd
CVE-2026-23847 | P4 | MEDIUM | CVSS 6.1 | fixed in 3.5.4 | 2026-01-19
CWE-79. SiYuan is a personal knowledge management system. Versions prior to 3.5.4 are vulnerable to reflected cross-site scripting in /api/icon/getDynamicIcon due to unsanitized SVG input. The endpoint generates SVG images for text icons (type=8). The content query parameter is inserted directly into the SVG tag without XML escaping. Since the response Conte
Source: nvd
CVE-2026-23645 | P4 | MEDIUM | CVSS 6.1 | fixed in 3.5.4-dev2 | 2026-01-16
CWE-79. SiYuan is self-hosted, open source personal knowledge management software. Prior to 3.5.4-dev2, a Stored Cross-Site Scripting (XSS) vulnerability exists in SiYuan Note. The application does not sanitize uploaded SVG files. If a user uploads and views a malicious SVG file (e.g., imported from an untrusted source), arbitrary JavaScript code is executed
Source: nvd
CVE-2026-25647 | P4 | MEDIUM | CVSS 5.4 | fixed in 3.5.5 | 2026-02-06
CWE-79. Lute is a structured Markdown engine supporting Go and JavaScript. Lute 1.7.6 and earlier (as used in SiYuan before) has a Stored Cross-Site Scripting (XSS) vulnerability in the Markdown rendering engine. An attacker can inject malicious JavaScript into a Markdown text/note. When another user clicks the rendered content, the script executes in the co
Source: nvd
CVE-2026-45148 | P4 | MEDIUM | CVSS 4.3 | fixed in 3.7.0 | 2026-05-14
CWE-863. SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, broken access control in the searchAsset, searchTag, searchWidget, and searchTemplate publish-mode Readers can enumerate metadata from documents that are invisible to the publish service. This vulnerability is fixed in 3.7.0.
Source: nvd