CVE-2026-32747
SiYuan CVE-2026-32747 affects versions 3.6.0 and below, where the globalCopyFiles API exposes files outside the workspace due to a flawed blocklist in filepath.Abs()-based path resolution. The util.IsSensitivePath() blocklist omits /proc/, /run/secrets/, and home directory dotfiles, enabling an a...