CVE-2026-44586

SiYuan is an open-source personal knowledge management system. From 2.1.12 to before 3.7.0. SiYuan's Bazaar marketplace renders package author metadata from the public bazaar stage feed into HTML without escaping. In the desktop app this becomes stored XSS, and because SiYuan's Electron windows a...

CVE-2026-26462

Offline Hospital Management System 5.3.0 allows remote code execution due to an improper Electron renderer configuration. The application enables Node.js integration while disabling context isolation, allowing JavaScript executed in the renderer process to access Node.js APIs and execute arbitrar...

PT-2026-41672

Offline Hospital Management System 5.3.0 allows remote code execution due to an improper Electron renderer configuration. The application enables Node.js integration while disabling context isolation, allowing JavaScript executed in the renderer process to access Node.js APIs and execute arbitrar...

CVE-2026-26462

CVE-2026-26462 affects Offline Hospital Management System 5.3.0. The root cause is an improper Electron renderer configuration that enables Node.js integration while disabling context isolation, allowing JavaScript in the renderer to access Node.js APIs and execute arbitrary operating system comm...

PT-2026-40730

Name of the Vulnerable Software and Affected Versions SiYuan versions prior to 0.0.0-20260421031503-96dfe0bea474 Description A stored cross-site scripting XSS issue exists in the Bazaar marketplace. The application fails to sanitize the name and version fields in package metadata files such as...

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection in the handling of table captions during the rendering process. An attacker can execute arbitrary code with the privileges of the desktop client by syncing a crafted note containing malicious HTML or JavaScript ...

EUVD-2026-19973

SiYuan: Remote Code Execution in the Electron desktop client via stored XSS in synced table captions...

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection in the process that renders the Gallery or Kanban view when a malicious URL is stored in the mAsset field and used as a cover image. An attacker can execute arbitrary operating system commands under the victim's...

GHSA-RX4H-526Q-4458 SiYuan: Stored XSS in Attribute View Gallery/Kanban Cover Rendering Allows Arbitrary Command Execution in Desktop Client

Summary An attacker who can place a malicious URL in an Attribute View mAsse field can trigger stored XSS when a victim opens the Gallery or Kanban view with “Cover From - Asset Field” enabled. The vulnerable code accepts arbitrary https URLs without extensions as images, stores the...