CVE-2026-59853
SiYuan prior to 3.7.1 exposes saved search criteria via /api/storage/getCriteria without publish-access filtering, enabling a publish-mode Reader to read private document paths, notebooks, documents, and block IDs, and to search/replace keywords for unpublished documents. This reflects a data-exp...