Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/20 8:22 p.m.1 views

CVE-2026-23851

SiYuan is a personal knowledge management system. Versions prior to 3.5.4 contain a logic vulnerability in the /api/file/globalCopyFiles endpoint. The function allows authenticated users to copy files from any location on the server's filesystem into the application's workspace without proper pat...

8.3CVSS5.7AI score0.00436EPSS
Exploits1References1
NVD
NVD
added 2026/01/19 8:15 p.m.6 views

CVE-2026-23851

SiYuan is a personal knowledge management system. Versions prior to 3.5.4 contain a logic vulnerability in the /api/file/globalCopyFiles endpoint. The function allows authenticated users to copy files from any location on the server's filesystem into the application's workspace without proper pat...

8.3CVSS0.00436EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/01/19 7:57 p.m.17 views

CVE-2026-23851 SiYuan Vulnerable to Arbitrary File Read via File Copy Functionality

SiYuan is a personal knowledge management system. Versions prior to 3.5.4 contain a logic vulnerability in the /api/file/globalCopyFiles endpoint. The function allows authenticated users to copy files from any location on the server's filesystem into the application's workspace without proper pat...

8.3CVSS0.00436EPSS
Exploits1References4
OSV
OSV
added 2026/01/19 7:57 p.m.6 views

CVE-2026-23851 SiYuan Vulnerable to Arbitrary File Read via File Copy Functionality

SiYuan is a personal knowledge management system. Versions prior to 3.5.4 contain a logic vulnerability in the /api/file/globalCopyFiles endpoint. The function allows authenticated users to copy files from any location on the server's filesystem into the application's workspace without proper pat...

8.3CVSS5.7AI score0.00436EPSS
Exploits1References6
Rows per page
Query Builder