2 matches found
GO-2026-5370 SiYuan has broken access control in `/api/search/{searchAsset,searchTag,searchWidget,searchTemplate}` publish-mode in github.com/siyuan-note/siyuan/kernel
SiYuan has broken access control in /api/search/searchAsset,searchTag,searchWidget,searchTemplate publish-mode in github.com/siyuan-note/siyuan/kernel...
CVE-2026-45148
SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, broken access control in the searchAsset, searchTag, searchWidget, and searchTemplate publish-mode Readers can enumerate metadata from documents that are invisible to the publish service. This vulnerability is fixed in...