CVE-2026-33670

SiYuan has a vulnerability CVE-2026-33670 where the /api/file/readDir interface allows directory traversal to enumerate filenames of all documents under a notebook. This occurs in versions prior to 3.6.2; the issue is mitigated by upgrading to 3.6.2 or later. The connected sources consistently de...

CVE-2026-33670 SiYuan has directory traversal within its publishing service

SiYuan is a personal knowledge management system. Prior to version 3.6.2, the /api/file/readDir interface was used to traverse and retrieve the file names of all documents under a notebook. Version 3.6.2 patches the issue...

CVE-2026-33670 SiYuan has directory traversal within its publishing service

SiYuan is a personal knowledge management system. Prior to version 3.6.2, the /api/file/readDir interface was used to traverse and retrieve the file names of all documents under a notebook. Version 3.6.2 patches the issue...

CVE-2026-33670 SiYuan has directory traversal within its publishing service

SiYuan is a personal knowledge management system. Prior to version 3.6.2, the /api/file/readDir interface was used to traverse and retrieve the file names of all documents under a notebook. Version 3.6.2 patches the issue...

CVE-2026-33669 SiYuan has Arbitrary Document Reading within the Publishing Service

SiYuan is a personal knowledge management system. Prior to version 3.6.2, document IDs were retrieved via the /api/file/readDir interface, and then the /api/block/getChildBlocks interface was used to view the content of all documents. Version 3.6.2 patches the issue...

CVE-2026-33669

SiYuan (personal knowledge management system) had a vulnerability prior to version 3.6.2 where document IDs could be retrieved via /api/file/readDir and then /api/block/getChildBlocks could be used to view content of all documents, effectively enabling arbitrary document reading within the Publis...

CVE-2026-33669 SiYuan has Arbitrary Document Reading within the Publishing Service

SiYuan is a personal knowledge management system. Prior to version 3.6.2, document IDs were retrieved via the /api/file/readDir interface, and then the /api/block/getChildBlocks interface was used to view the content of all documents. Version 3.6.2 patches the issue...

CVE-2026-33669 SiYuan has Arbitrary Document Reading within the Publishing Service

SiYuan is a personal knowledge management system. Prior to version 3.6.2, document IDs were retrieved via the /api/file/readDir interface, and then the /api/block/getChildBlocks interface was used to view the content of all documents. Version 3.6.2 patches the issue...

GO-2026-4843 SiYuan has directory traversal within its publishing service in github.com/siyuan-note/siyuan/kernel

SiYuan has directory traversal within its publishing service in github.com/siyuan-note/siyuan/kernel...

GO-2026-4842 SiYuan has Arbitrary Document Reading within the Publishing Service in github.com/siyuan-note/siyuan/kernel

SiYuan has Arbitrary Document Reading within the Publishing Service in github.com/siyuan-note/siyuan/kernel...

GHSA-XMW9-6R43-X9WW SiYuan has directory traversal within its publishing service

Details The /api/file/readDir interface was used to traverse and retrieve the file names of all documents under a notebook. PoC python !/usr/bin/env python3 """POC: SiYuan /api/file/readDir 未鉴权目录遍历""" import requests, json, sys def poctarget: base = target.rstrip"/" url = f"base/api/file/readDir"...

GHSA-34XJ-66V3-6J83 SiYuan has Arbitrary Document Reading within the Publishing Service

Details Document IDs were retrieved via the /api/file/readDir interface, and then the /api/block/getChildBlocks interface was used to view the content of all documents. PoC python !/usr/bin/env python3 """SiYuan /api/block/getChildBlocks 文档内容读取""" import requests import json import sys def...

SiYuan has Arbitrary Document Reading within the Publishing Service

Details Document IDs were retrieved via the /api/file/readDir interface, and then the /api/block/getChildBlocks interface was used to view the content of all documents. PoC python !/usr/bin/env python3 """SiYuan /api/block/getChildBlocks 文档内容读取""" import requests import json import sys def...

Will the "World Wide Web Publishing Service" be stopped during Storefront propagation

Will the "World Wide Web Publishing Service" be stopped while the StoreFront "Propagate Changes" is in progress?...

Windows 8.1 and Server 2012 R2 KB4345424 Update

The remote Windows host is missing update 4345424. This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: - Addressed issue in which some devices may experience stop error 0xD1 when you run network monitoring workloads...

Storefront 3.15 | Storefront propagation fails.

Propagation fails on Server 2012R2 machine. In event logs: Log Name: Citrix Delivery Services Source: Citrix Configuration Replication An error occurred when starting the 'WAS' Windows service. System.ServiceProcess.TimeoutException, System.ServiceProcess, Version-4.0.0.0, Culture=neutral,...

July 10, 2018—KB4338830 (Monthly Rollup)

July 10, 2018—KB4338830 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4284852 released June 21, 2018 and addresses the following issues: Provides protections from an additional subclass of speculative execution side-channel...

Improvements and fixes - Windows 8.1 and Server 2012 R2

Improvements and fixes - Windows 8.1 and Server 2012 R2 Summary This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue in which some devices may experience stop error 0xD1 when you run network monitorin...

July 16, 2018—KB4345455 (OS Build 10240.17918)

July 16, 2018—KB4345455 OS Build 10240.17918 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses an issue that may cause some devices running network monitoring workloads to receive...

July 16, 2018—KB4345421 (OS Build 17134.167)

July 16, 2018—KB4345421 OS Build 17134.167 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses an issue that may cause some devices running network monitoring workloads to receive th...