CVE-2026-32767
- EPSS 0.54%
- Published 20.03.2026 00:13:31
- Last modified 23.03.2026 15:23:44
SiYuan is a personal knowledge management system. Versions 3.6.0 and below contain an authorization bypass vulnerability in the /api/search/fullTextSearchBlock endpoint. When the method parameter is set to 2, the endpoint passes user-supplied input d...
CVE-2026-32815
- EPSS 0.36%
- Published 19.03.2026 21:39:31
- Last modified 23.03.2026 18:20:00
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the WebSocket endpoint (/ws) allows unauthenticated connections when specific URL parameters are provided (?app=siyuan&id=auth&type=auth). This bypass, intended for the lo...
CVE-2026-32749
- EPSS 0.43%
- Published 19.03.2026 21:17:10
- Last modified 23.03.2026 18:08:07
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, POST /api/import/importSY and POST /api/import/importZipMd write uploaded archives to a path derived from the multipart filename field without sanitization, allowing an ad...
CVE-2026-32747
- EPSS 0.41%
- Published 19.03.2026 21:17:10
- Last modified 23.03.2026 18:23:38
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the globalCopyFiles API reads source files using filepath.Abs() with no workspace boundary check, relying solely on util.IsSensitivePath() whose blocklist omits /proc/, /r...
CVE-2026-32750
- EPSS 0.43%
- Published 19.03.2026 21:15:32
- Last modified 23.03.2026 18:09:19
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, POST /api/import/importStdMd passes the localPath parameter directly to model.ImportFromLocalPath with zero path validation. The function recursively reads every file unde...
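The three import/copy entries above (CVE-2026-32749, CVE-2026-32747 and CVE-2026-32750) share one root cause: a client-controlled path (a multipart filename, a localPath parameter, a source path fed to filepath.Abs) reaches the filesystem with either no check or only a deny-list check. The example below is added here to contrast the two patterns; it is not SiYuan's code. The workspace root, the upload directory, the sample filenames and the deny-list (`constructedBlocklist`) are all constructed for the example; `containedPath`, `blocklistOnly`, `unsafeUploadDestination` and `safeUploadDestination` are hypothetical names.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

var errOutsideWorkspace = errors.New("path escapes workspace")

// constructedBlocklist stands in for a deny-list of the kind the advisory
// describes. It is an assumption for this example, not SiYuan's actual list.
var constructedBlocklist = []string{"/etc/", "/root/", "/home/"}

// blocklistOnly is the weak pattern: filepath.Abs plus a deny-list. Anything
// the list forgot (here /proc) is accepted.
func blocklistOnly(p string) bool {
	abs, err := filepath.Abs(p)
	if err != nil {
		return false
	}
	for _, prefix := range constructedBlocklist {
		if strings.HasPrefix(abs, prefix) {
			return false
		}
	}
	return true
}

// containedPath is the allow-by-containment pattern: resolve p relative to the
// workspace, then require that the cleaned result still lies under it.
// This check is lexical. Once the target exists, run filepath.EvalSymlinks on
// both sides and repeat the check, otherwise a symlink inside the workspace
// can still point outside it.
func containedPath(workspace, p string) (string, error) {
	absWs, err := filepath.Abs(workspace)
	if err != nil {
		return "", err
	}
	var abs string
	if filepath.IsAbs(p) {
		abs = filepath.Clean(p)
	} else {
		abs = filepath.Join(absWs, p)
	}
	rel, err := filepath.Rel(absWs, abs)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", errOutsideWorkspace
	}
	return abs, nil
}

// unsafeUploadDestination uses the multipart filename verbatim, so "../"
// segments in the client-supplied name walk out of the upload directory.
func unsafeUploadDestination(uploadDir, filename string) string {
	return filepath.Join(uploadDir, filename)
}

// safeUploadDestination keeps only the last element of the client-supplied
// name (treating backslashes as separators too) and then applies containment.
func safeUploadDestination(uploadDir, filename string) (string, error) {
	base := filepath.Base(strings.ReplaceAll(filename, "\\", "/"))
	if base == "." || base == ".." || base == "/" || base == "" {
		return "", errors.New("invalid filename")
	}
	return containedPath(uploadDir, base)
}

func main() {
	ws := "/srv/siyuan/workspace" // constructed workspace root
	fmt.Println(unsafeUploadDestination(ws+"/temp", "../../../../tmp/evil.zip"))
	fmt.Println(safeUploadDestination(ws+"/temp", "../../../../tmp/evil.zip"))
	fmt.Println(blocklistOnly("/proc/self/environ"))
	fmt.Println(containedPath(ws, "/proc/self/environ"))
}
```

The point of the contrast: a deny-list has to enumerate every sensitive location on every platform and loses as soon as one is missing, while containment only has to know where the workspace is. For importStdMd-style endpoints that recursively read a directory, apply `containedPath` to the directory argument and again to every entry the walk yields.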
- EPSS 0.8%
- Published 19.03.2026 21:11:59
- Last modified 23.03.2026 18:16:01
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the mobile file tree (MobileFiles.ts) renders notebook names via innerHTML without HTML escaping when processing renamenotebook WebSocket events. The desktop version (File...
CVE-2026-32704
- EPSS 0.25%
- Published 13.03.2026 21:10:36
- Last modified 17.03.2026 19:02:25
SiYuan is a personal knowledge management system. Prior to 3.6.1, POST /api/template/renderSprig lacks model.CheckAdminRole, allowing any authenticated user to execute arbitrary SQL queries against the SiYuan workspace database and exfiltrate all not...
CVE-2026-32110
- EPSS 0.28%
- Published 11.03.2026 20:38:08
- Last modified 13.03.2026 16:51:38
SiYuan is a personal knowledge management system. Prior to 3.6.0, the /api/network/forwardProxy endpoint allows authenticated users to make arbitrary HTTP requests from the server. The endpoint accepts a user-controlled URL and makes HTTP requests to...
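A forward-proxy endpoint that accepts an arbitrary URL is a server-side request forgery primitive: the server's network position is lent to whoever can call the endpoint. The check below is added as an illustration of the minimum validation such an endpoint needs and is not SiYuan's code. The hostnames, addresses and the `constructedLookup` resolver table are constructed so the example runs offline; `validateProxyTarget` and `isForbiddenIP` are hypothetical names.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"net/url"
)

// lookupFunc lets the resolver be swapped for a constructed one; in
// production pass net.LookupIP.
type lookupFunc func(host string) ([]net.IP, error)

// isForbiddenIP rejects loopback, RFC 1918, link-local (which covers cloud
// metadata at 169.254.169.254), unspecified and multicast addresses. The
// net.IP methods also handle IPv4-mapped IPv6 forms such as ::ffff:127.0.0.1.
func isForbiddenIP(ip net.IP) bool {
	return ip.IsLoopback() || ip.IsPrivate() || ip.IsLinkLocalUnicast() ||
		ip.IsLinkLocalMulticast() || ip.IsUnspecified() || ip.IsMulticast()
}

// validateProxyTarget parses the user-supplied URL, restricts the scheme,
// resolves the host and refuses any address that points back into the
// server's own network.
func validateProxyTarget(raw string, lookup lookupFunc) (*url.URL, error) {
	u, err := url.Parse(raw)
	if err != nil {
		return nil, err
	}
	if u.Scheme != "http" && u.Scheme != "https" {
		return nil, fmt.Errorf("scheme %q not allowed", u.Scheme)
	}
	host := u.Hostname()
	if host == "" {
		return nil, errors.New("empty host")
	}
	ips, err := lookup(host)
	if err != nil || len(ips) == 0 {
		return nil, fmt.Errorf("cannot resolve %q", host)
	}
	for _, ip := range ips {
		if isForbiddenIP(ip) {
			return nil, fmt.Errorf("host %q resolves to forbidden address %s", host, ip)
		}
	}
	return u, nil
}

// constructedLookup is a stand-in for DNS with a fixed, constructed table.
func constructedLookup(host string) ([]net.IP, error) {
	if ip := net.ParseIP(host); ip != nil {
		return []net.IP{ip}, nil
	}
	table := map[string][]net.IP{
		"example.com":   {net.ParseIP("93.184.216.34")},
		"internal.test": {net.ParseIP("10.0.0.5")},
		"localhost":     {net.ParseIP("127.0.0.1")},
	}
	ips, ok := table[host]
	if !ok {
		return nil, errors.New("NXDOMAIN")
	}
	return ips, nil
}

func main() {
	for _, raw := range []string{
		"https://example.com/feed.xml",
		"http://internal.test/admin",
		"http://169.254.169.254/latest/meta-data/",
		"http://[::ffff:127.0.0.1]/",
		"file:///etc/passwd",
	} {
		_, err := validateProxyTarget(raw, constructedLookup)
		fmt.Printf("%-45s -> %v\n", raw, err)
	}
}
```

Resolving before the request leaves a DNS-rebinding window between the check and the connect. To close it, perform the outbound request with an `http.Transport` whose `DialContext` re-applies `isForbiddenIP` to the address actually being dialled, and do not follow redirects without re-validating the new location.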
CVE-2026-31809
- EPSS 0.51%
- Published 10.03.2026 20:58:36
- Last modified 11.03.2026 20:16:05
SiYuan is a personal knowledge management system. Prior to 3.5.10, SiYuan's SVG sanitizer (SanitizeSVG) checks href attributes for the javascript: prefix using strings.HasPrefix(). However, inserting an ASCII tab (\t), newline (\n), or carriage ret...
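The literal prefix test fails because browsers strip ASCII tab, LF and CR from a URL and trim leading controls before they read the scheme, so `java\tscript:` reaches the script engine as `javascript:` while never matching `strings.HasPrefix(href, "javascript:")`. The example below is added to show the weak check beside a check that normalises the same way a browser does; it is not SiYuan's sanitizer. The sample hrefs are constructed, and `naiveIsJavascriptHref`, `normalizeHrefForScheme` and `hardenedIsJavascriptHref` are hypothetical names.

```go
package main

import (
	"fmt"
	"strings"
)

// naiveIsJavascriptHref is the literal-prefix test the advisory describes: it
// only matches when the scheme appears byte-for-byte at offset 0.
func naiveIsJavascriptHref(href string) bool {
	return strings.HasPrefix(href, "javascript:")
}

// normalizeHrefForScheme mimics what a browser does before scheme parsing:
// trim leading/trailing C0 controls and space, drop ASCII tab, LF and CR
// wherever they occur, and fold case (schemes are case-insensitive).
func normalizeHrefForScheme(href string) string {
	s := strings.TrimFunc(href, func(r rune) bool { return r <= 0x20 })
	s = strings.Map(func(r rune) rune {
		if r == '\t' || r == '\n' || r == '\r' {
			return -1 // drop the rune
		}
		return r
	}, s)
	return strings.ToLower(s)
}

// hardenedIsJavascriptHref runs the prefix test on the normalised value, so the
// whitespace and case variants that bypass the naive check are caught.
func hardenedIsJavascriptHref(href string) bool {
	return strings.HasPrefix(normalizeHrefForScheme(href), "javascript:")
}

func main() {
	// Constructed samples: the first is the plain form, the rest are bypass
	// variants of the kind the advisory describes.
	for _, href := range []string{
		"javascript:alert(1)",
		"java\tscript:alert(1)",
		"\r\njavascript:alert(1)",
		"JavaScript:alert(1)",
		"https://example.com/",
	} {
		fmt.Printf("%-28q naive=%-5v hardened=%v\n",
			href, naiveIsJavascriptHref(href), hardenedIsJavascriptHref(href))
	}
}
```

Two caveats a sanitizer author should keep in mind: run the check on the attribute value after XML entity decoding (the value the browser will see), and apply the same normalisation to every URL-bearing attribute, not only `href`.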
CVE-2026-31807
- EPSS 0.45%
- Published 10.03.2026 20:56:57
- Last modified 11.03.2026 20:16:28
SiYuan is a personal knowledge management system. Prior to 3.5.10, SiYuan's SVG sanitizer (SanitizeSVG) blocks dangerous elements (<script>, <iframe>, <foreignobject>) and removes on* event handlers and javascript: in href attributes. However, it doe...