Lucene search
K

27 matches found

Nuclei
Nuclei
added yesterday9 views

SiYuan <= 3.6.5 - Unauthenticated Path Traversal

SiYuan = 3.6.5 contains a path traversal via double URL-encoding in the /assets/ route publish mode port 6808, allowing unauthenticated attackers to read arbitrary files inside WorkspaceDir including conf/conf.json which exposes the API token and access auth code. id: CVE-2026-54066 info: name:...

7.5CVSS6.2AI score0.01892EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-39122

SiYuan: Path Traversal via Double URL Encoding in /assets/path publish mode arbitrary file─read, Incomplete fix of CVE-2026-41894...

7.5CVSS6.2AI score0.01892EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 5 days ago6 views

CVE-2026-59853

SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, the /api/storage/getCriteria endpoint returns saved search criteria from data/storage/criteria.json without the publish-access filtering used by sibling storage endpoints, allowing a publish-mode Reader to read private...

6.5CVSS6AI score0.00235EPSS
Exploits0References4Affected Software1
CVE
CVE
added 5 days ago9 views

CVE-2026-59853

SiYuan prior to 3.7.1 exposes saved search criteria via /api/storage/getCriteria without publish-access filtering, enabling a publish-mode Reader to read private document paths, notebooks, documents, and block IDs, and to search/replace keywords for unpublished documents. This reflects a data-exp...

6.5CVSS6AI score0.00235EPSS
Exploits0References3
Cvelist
Cvelist
added 5 days ago31 views

CVE-2026-59853 SiYuan: Publish-mode Reader can exfiltrate private saved-search Criteria via /api/storage/getCriteria (missing publish-access filter)

SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, the /api/storage/getCriteria endpoint returns saved search criteria from data/storage/criteria.json without the publish-access filtering used by sibling storage endpoints, allowing a publish-mode Reader to read private...

6.5CVSS0.00235EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 10:34 p.m.6 views

GO-2026-5402 SiYuan publish-mode Reader can mutate Conf and SQL index via 8 ungated APIs in github.com/siyuan-note/siyuan/kernel

SiYuan publish-mode Reader can mutate Conf and SQL index via 8 ungated APIs in github.com/siyuan-note/siyuan/kernel...

7.2CVSS5.9AI score0.00207EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 6:43 p.m.5 views

GO-2026-5370 SiYuan has broken access control in `/api/search/{searchAsset,searchTag,searchWidget,searchTemplate}` publish-mode in github.com/siyuan-note/siyuan/kernel

SiYuan has broken access control in /api/search/searchAsset,searchTag,searchWidget,searchTemplate publish-mode in github.com/siyuan-note/siyuan/kernel...

4.3CVSS5.8AI score0.00221EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 10:16 p.m.9 views

CVE-2026-54066

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the patch for CVE-2026-41894 "Path Traversal via Double URL Encoding" sanitized the /export/ route but the identical root cause remains in the /assets/path route. In publish mode anonymous read-only HTTP endpoint,...

7.5CVSS0.01892EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 9:13 p.m.16 views

CVE-2026-54066

SiYuan

7.5CVSS6AI score0.01892EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 9:13 p.m.16 views

CVE-2026-54066 SiYuan: Path Traversal via Double URL Encoding in /assets/*path (publish mode arbitrary file─read)

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the patch for CVE-2026-41894 "Path Traversal via Double URL Encoding" sanitized the /export/ route but the identical root cause remains in the /assets/path route. In publish mode anonymous read-only HTTP endpoint,...

7.5CVSS0.01892EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-52107

Name of the Vulnerable Software and Affected Versions SiYuan versions prior to 3.7.0 Description An unauthenticated remote attacker can read arbitrary files within the WorkspaceDir when the system is in publish mode, which is an anonymous read-only HTTP endpoint. This is achieved by using...

7.5CVSS6.2AI score0.01892EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/05/15 7:57 p.m.12 views

CVE-2026-45148

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, broken access control in the searchAsset, searchTag, searchWidget, and searchTemplate publish-mode Readers can enumerate metadata from documents that are invisible to the publish service. This vulnerability is fixed in...

4.3CVSS5.8AI score0.00221EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/15 7:57 p.m.9 views

CVE-2026-45371

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan publish-mode Reader can mutate Conf and SQL index via 8 ungated APIs. POST /api/graph/getGraph, POST /api/graph/getLocalGraph, POST /api/sync/setSyncInterval, POST /api/storage/updateRecentDocViewTime, POST...

7.2CVSS5.9AI score0.00207EPSS
Exploits0References1
NVD
NVD
added 2026/05/14 7:16 p.m.16 views

CVE-2026-45371

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan publish-mode Reader can mutate Conf and SQL index via 8 ungated APIs. POST /api/graph/getGraph, POST /api/graph/getLocalGraph, POST /api/sync/setSyncInterval, POST /api/storage/updateRecentDocViewTime, POST...

7.2CVSS0.00207EPSS
Exploits0References1
NVD
NVD
added 2026/05/14 7:16 p.m.35 views

CVE-2026-45148

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, broken access control in the searchAsset, searchTag, searchWidget, and searchTemplate publish-mode Readers can enumerate metadata from documents that are invisible to the publish service. This vulnerability is fixed in...

4.3CVSS0.00221EPSS
Exploits0References1
CVE
CVE
added 2026/05/14 6:19 p.m.17 views

CVE-2026-45148

SiYuan (open-source personal knowledge management) before v3.7.0 has broken access control in publish-mode, allowing Readers to enumerate metadata across documents via the searchAsset, searchTag, searchWidget, and searchTemplate endpoints. The issue arises when a publish-mode RoleReader accesses ...

4.3CVSS5.8AI score0.00221EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/14 6:19 p.m.10 views

CVE-2026-45148 SiYuan: Broken access control in SiYuan publish-mode Readers can enumerate metadata

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, broken access control in the searchAsset, searchTag, searchWidget, and searchTemplate publish-mode Readers can enumerate metadata from documents that are invisible to the publish service. This vulnerability is fixed in...

4.3CVSS5.8AI score0.00221EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/14 6:19 p.m.10 views

EUVD-2026-30353

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, broken access control in the searchAsset, searchTag, searchWidget, and searchTemplate publish-mode Readers can enumerate metadata from documents that are invisible to the publish service. This vulnerability is fixed in...

4.3CVSS5.8AI score0.00221EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/14 6:19 p.m.44 views

CVE-2026-45148 SiYuan: Broken access control in SiYuan publish-mode Readers can enumerate metadata

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, broken access control in the searchAsset, searchTag, searchWidget, and searchTemplate publish-mode Readers can enumerate metadata from documents that are invisible to the publish service. This vulnerability is fixed in...

4.3CVSS0.00221EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/14 6:14 p.m.37 views

CVE-2026-45371 SiYuan: SiYuan publish-mode Reader can mutate Conf and SQL index via 8 ungated APIs

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan publish-mode Reader can mutate Conf and SQL index via 8 ungated APIs. POST /api/graph/getGraph, POST /api/graph/getLocalGraph, POST /api/sync/setSyncInterval, POST /api/storage/updateRecentDocViewTime, POST...

7.2CVSS0.00207EPSS
Exploits0References1
Rows per page
Query Builder