EUVD-2026-25626

🗓️ 24 Apr 2026 18:56:54Reported by EUVDType

Siyuan prior to 3.6.5 allowed authenticated users to read arbitrary workspace files via double URL encoding.

Reporter	Title	Published	Views	Family All 150
ATTACKERKB	CVE-2026-41894	24 Apr 202618:56	–	attackerkb
ATTACKERKB	CVE-2026-30869	9 Mar 202622:28	–	attackerkb
Circl	CVE-2026-30869	6 Mar 202608:41	–	circl
Circl	CVE-2026-41894	19 Apr 202609:48	–	circl
CNNVD	SiYuan 安全漏洞	10 Mar 202600:00	–	cnnvd
CNNVD	SiYuan 路径遍历漏洞	24 Apr 202600:00	–	cnnvd
CVE	CVE-2026-30869	9 Mar 202622:28	–	cve
CVE	CVE-2026-41894	24 Apr 202618:56	–	cve
Cvelist	CVE-2026-30869 SiYuan has a Path Traversal in /export Endpoint Allows Arbitrary File Read and Secret Leakage	9 Mar 202622:28	–	cvelist
Cvelist	CVE-2026-41894 SiYuan: Incomplete Fix Bypass for CVE-2026-30869: Path Traversal via Double URL Encoding in `/export/` Endpoint	24 Apr 202618:56	–	cvelist

[
  {
    "enisaIdVendor": [
      {
        "id": "665a985d-82e5-3dc6-b439-54a44c1e750e",
        "vendor": {
          "name": "siyuan-note"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "1a2e51fb-f807-3c08-99ce-39e07cad797c",
        "product": {
          "name": "SiYuan"
        },
        "product_version": "< 3.6.5"
      },
      {
        "id": "2db0480e-f8a7-36dc-8e02-e898c6e3d231",
        "product": {
          "name": "SiYuan"
        },
        "product_version": "< 3.6.5"
      }
    ]
  }
]

Source	Link
github	www.github.com/siyuan-note/siyuan/security/advisories/GHSA-hjh7-r5w8-5872
github	www.github.com/siyuan-note/siyuan/commit/bb481e1290c4a34255652ede85a546504505d2a7
github	www.github.com/siyuan-note/siyuan/releases/tag/v3.6.5

24 Apr 2026 18:56Current

5.6Medium risk

Vulners AI Score5.6

CVSS 47.1

CVSS 3.19.3 - 9.8

EPSS0.01028

SSVC