Lucene search
K

716 matches found

Nuclei
Nuclei
added 5 hours ago9 views

SiYuan <= 3.6.5 - Unauthenticated Path Traversal

SiYuan = 3.6.5 contains a path traversal via double URL-encoding in the /assets/ route publish mode port 6808, allowing unauthenticated attackers to read arbitrary files inside WorkspaceDir including conf/conf.json which exposes the API token and access auth code. id: CVE-2026-54066 info: name:...

7.5CVSS6.2AI score0.01892EPSS
Exploits0References1
Nuclei
Nuclei
added 5 hours ago26 views

SiYuan Note <= 3.6.5 - Authentication Bypass

SiYuan Note 3.6.5 and prior is vulnerable to authentication bypass. The CheckAuth middleware unconditionally trusted all chrome-extension:// origins, granting RoleAdministrator access without token validation to any request with a spoofed Origin header. Fixed in v3.7.0. id: CVE-2026-54069 info:...

9.2CVSS6.1AI score0.00607EPSS
Exploits0References2
Nuclei
Nuclei
added 5 hours ago19 views

SiYuan <= v3.6.1 - Path Traversal

SiYuan is a personal knowledge management system. Prior to version 3.6.2, the Siyuan kernel exposes an unauthenticated file-serving endpoint under /appearance/filepath. Due to improper path sanitization, attackers can perform directory traversal and read arbitrary files accessible to the server...

7.5CVSS6.8AI score0.03256EPSS
Exploits1References3
Nuclei
Nuclei
added 5 hours ago8 views

SiYuan <= v3.5.9 - Cross Site Scripting

SiYuan v3.5.10 contains a reflected XSS caused by improper sanitization of javascript: href attributes allowing ASCII control characters to bypass prefix checks in SVG sanitizer, letting unauthenticated attackers execute JavaScript via /api/icon/getDynamicIcon. id: CVE-2026-31809 info: name: SiYu...

6.4CVSS7.1AI score0.00505EPSS
Exploits1References2
Nuclei
Nuclei
added 5 hours ago31 views

SiYuan <= v3.6.1 - Bookmark Data Disclosure

SiYuan v3.6.2 contains an information disclosure vulnerability caused by improper authorization checks in the publish service's bookmark filtering, letting unauthenticated visitors access bookmarked blocks from password-protected documents, exploit requires access to the publish service. id:...

7.5CVSS6.1AI score0.01227EPSS
Exploits1References2
Nuclei
Nuclei
added 5 hours ago58 views

SiYuan <= v3.5.9 - SVG Animate Element XSS

SiYuan = v3.5.9 contains a reflected XSS caused by insufficient SVG sanitization allowing SVG animation elements to inject executable JavaScript in /api/icon/getDynamicIcon endpoint, letting unauthenticated attackers execute scripts. id: CVE-2026-31807 info: name: SiYuan = v3.5.9 - SVG Animate...

6.4CVSS7.1AI score0.00445EPSS
Exploits1References2
Nuclei
Nuclei
added 5 hours ago6 views

SiYuan Note - Cross-Site Scripting

Unauthenticated reflected cross-site scripting XSS vulnerability in all versions of SiYuan Note containing /api/icon/getDynamicIcon with unsafe type=8 rendering logic. Attacker-controlled content is inserted directly into SVG output without proper sanitization. An attacker can execute arbitrary...

9.3CVSS7.2AI score0.00625EPSS
Exploits1References2
Circl
Circl
added 4 days ago4 views

CVE-2026-54068

creationtimestamp| type| source ---|---|--- 2026-07-10 20:35:17+00:00| published-proof-of-concept| https://github.com/siyuan-note/siyuan/security/advisories/GHSA-gcm7-57gf-953c 2026-07-11 04:41:43+00:00| seen| https://gist.github.com/alon710/5b22d6c437eabc82b89ba6fa8ccee27d...

5.9CVSS6.1AI score0.00239EPSS
Exploits0References2
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-39127

SiYuan: Stored XSS to RCE via attribute-view cell rendering in genAVValueHTML...

9.9CVSS6.1AI score0.00289EPSS
Exploits0References2
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-39126

SiYuan: Stored XSS in Bazaar marketplace via package README event handlers...

7.1CVSS6.1AI score0.0018EPSS
Exploits0References2
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-39125

SiYuan: Unauthenticated Admin API Access via Blanket chrome-extension:// Origin Allowlist...

9.2CVSS6.1AI score0.00607EPSS
Exploits0References2
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-39124

SiYuan: Unauthenticated SQLite Data Exfiltration via Template Injection in /api/icon/getDynamicIcon...

5.9CVSS6.1AI score0.00239EPSS
Exploits0References2
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-39123

SiYuan: Stored XSS to RCE via CSS-snippet breakout in renderSnippet...

9.9CVSS6.1AI score0.00307EPSS
Exploits0References2
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-39122

SiYuan: Path Traversal via Double URL Encoding in /assets/path publish mode arbitrary file─read, Incomplete fix of CVE-2026-41894...

7.5CVSS6.2AI score0.01892EPSS
Exploits0References2
NVD
NVD
added 5 days ago11 views

CVE-2026-59854

SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, POST /api/file/globalCopyFiles accepts attacker-supplied absolute source paths and relies on util.IsSensitivePath in kernel/util/path.go, whose denylist misses common home-directory credential files such as...

4.9CVSS0.00278EPSS
Exploits0References4
NVD
NVD
added 5 days ago6 views

CVE-2026-59855

SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, Asset.render in app/src/asset/index.ts interpolates the unsanitized this.path value into HTML assigned to innerHTML, allowing a crafted asset link containing a double quote to break out of the src attribute, inject an...

8.6CVSS0.00305EPSS
Exploits0References3
NVD
NVD
added 5 days ago5 views

CVE-2026-59834

SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, the block search endpoint POST /api/search/fullTextSearchBlock concatenates attacker-controlled paths values into SQL predicates used by non-SQL search modes, allowing an unauthenticated publish visitor to inject a UNI...

7.5CVSS0.0038EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 5 days ago5 views

CVE-2026-59854

SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, POST /api/file/globalCopyFiles accepts attacker-supplied absolute source paths and relies on util.IsSensitivePath in kernel/util/path.go, whose denylist misses common home-directory credential files such as...

4.9CVSS6AI score0.00278EPSS
Exploits0References5Affected Software1
CVE
CVE
added 5 days ago8 views

CVE-2026-59854

SiYuan (open-source PKM) prior to 3.7.1 allows an authenticated administrator or API-token user to copy home-directory credential files into the workspace via POST /api/file/globalCopyFiles. The root cause is util.IsSensitivePath’s denylist in kernel/util/path.go missing common home-dir dotfiles ...

4.9CVSS6AI score0.00278EPSS
Exploits0References4
Cvelist
Cvelist
added 5 days ago33 views

CVE-2026-59854 SiYuan: Incomplete IsSensitivePath denylist: globalCopyFiles reads home-dir credential dotfiles into the workspace

SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, POST /api/file/globalCopyFiles accepts attacker-supplied absolute source paths and relies on util.IsSensitivePath in kernel/util/path.go, whose denylist misses common home-directory credential files such as...

4.9CVSS0.00278EPSS
Exploits0References4
Rows per page
Query Builder