
siyuan — Vulnerabilities & Security Advisories (60)

All 60 CVE vulnerabilities found in siyuan, with AI-generated Chinese analysis, references, and POCs.

This is a vulnerability aggregation page for SiYuan, a self-hosted note-taking platform, listing its reported CVEs together with the CWE class assigned to each. The entries cover cross-site scripting (much of it reaching code execution in the Electron desktop client), authorization bypasses in the publish-mode API, and arbitrary file read and path traversal, with advisories dating from 2021 through the present.

A single view of these events lets security staff and users track the vendor's response timeline and advisory history per version, see which weakness classes recur in the codebase over time (several entries below are explicitly marked as incomplete fixes for an earlier CVE), assess the risk of a given deployment, and check whether a patch exists for the installed release. The data is aggregated from vendor notifications and public security databases; confirm a score or affected-version range against the original advisory before acting on it. The table below lists the 30 most recent of the 60 entries (published 2026-03-20 through 2026-05-14).

Vendor: SiYuan

CVE ID | Title | CWE | CVSS | Severity | Published
CVE-2026-44670 | SiYuan: Stored XSS via Attribute View name to Electron renderer RCE in SiYuan | CWE-79 | - | - | 2026-05-14
CVE-2026-44588 | SiYuan: URL-encoded title bypasses `escapeAriaLabel`, decoded by `decodeURIComponent` into a tooltip XSS | CWE-79 | - | - | 2026-05-14
CVE-2026-45147 | SiYuan: Broken access control in SiYuan `/api/tag/getTag` — Reader role can mutate `Conf.Tag.Sort` and persist to disk | CWE-285 | 4.3 | Medium | 2026-05-14
CVE-2026-45148 | SiYuan: Broken access control in SiYuan publish mode: Readers can enumerate metadata | CWE-863 | 4.3 | Medium | 2026-05-14
CVE-2026-45371 | SiYuan: SiYuan publish-mode Reader can mutate Conf and SQL index via 8 ungated APIs | CWE-285 | - | - | 2026-05-14
CVE-2026-45375 | SiYuan: Bazaar marketplace renders unescaped package `name` and `version` metadata, allowing stored XSS and Electron code execution | CWE-79 | 9.0 | Critical | 2026-05-14
CVE-2026-44586 | SiYuan: Bazaar marketplace renders unescaped package author metadata, allowing XSS and Electron code execution | CWE-79 | 8.3 | High | 2026-05-14
CVE-2026-41894 | SiYuan: Incomplete Fix Bypass for CVE-2026-30869: Path Traversal via Double URL Encoding in `/export/` Endpoint | CWE-22 | 6.5 (AI) | Medium (AI) | 2026-04-24
CVE-2026-41421 | SiYuan Desktop Notification XSS Leads to Electron RCE | CWE-78 | 8.8 | High | 2026-04-24
CVE-2026-40922 | SiYuan: Incomplete sanitization of bazaar README allows stored XSS via iframe srcdoc (incomplete fix for CVE-2026-33066) | CWE-79 | 5.4 (AI) | Medium (AI) | 2026-04-16
CVE-2026-40322 | SiYuan: Mermaid `javascript:` Link Injection Leads to Stored XSS and Electron RCE | CWE-79 | 9.1 | Critical | 2026-04-16
CVE-2026-40318 | SiYuan: Publish Reader Path Traversal Delete via `removeUnusedAttributeView` | CWE-24 | 8.5 | High | 2026-04-16
CVE-2026-40259 | SiYuan: Publish Reader Can Arbitrarily Delete Attribute View Files via `removeUnusedAttributeView` API | CWE-285 | 8.1 | High | 2026-04-16
CVE-2026-40107 | SiYuan Affected by Zero-Click NTLM Hash Theft and Blind SSRF via Mermaid Diagram Rendering | CWE-918 | 6.1 (AI) | Medium (AI) | 2026-04-09
CVE-2026-39846 | SiYuan affected by Remote Code Execution in the Electron desktop client via stored XSS in synced table captions | CWE-79 | 9.1 | Critical | 2026-04-07
CVE-2026-34605 | SiYuan: Reflected XSS via SVG namespace prefix bypass in SanitizeSVG (getDynamicIcon, unauthenticated) | CWE-79 | 6.1 | - | 2026-03-31
CVE-2026-34585 | SiYuan: Stored XSS in imported .sy.zip content leads to arbitrary command execution | CWE-79 | 8.6 | High | 2026-03-31
CVE-2026-34449 | SiYuan: Cross-Origin RCE via Permissive CORS Policy and JavaScript Snippet Injection | CWE-942 | 9.7 | Critical | 2026-03-31
CVE-2026-34448 | SiYuan: Stored XSS in Attribute View gallery/kanban cover rendering allows arbitrary command execution in the desktop client | CWE-79 | 9.1 | Critical | 2026-03-31
CVE-2026-34453 | SiYuan: Broken access control in `/api/bookmark/getBookmark` allows unauthenticated publish visitors to read password-protected bookmarked content | CWE-863 | 7.5 | High | 2026-03-31
CVE-2026-33670 | SiYuan has directory traversal within its publishing service | CWE-22 | 9.8 | Critical | 2026-03-26
CVE-2026-33669 | SiYuan has Arbitrary Document Reading within the Publishing Service | CWE-125 | 9.8 | Critical | 2026-03-26
CVE-2026-33476 | SiYuan has an Unauthenticated Arbitrary File Read via Path Traversal | CWE-22 | 7.5 | High | 2026-03-20
CVE-2026-33203 | SiYuan has an Unauthenticated WebSocket DoS via Auth Keepalive Bypass | CWE-248 | 7.5 | High | 2026-03-20
CVE-2026-33194 | SiYuan has an Incomplete Fix for the IsSensitivePath Denylist, Allowing File Read from /opt, /usr, /home | CWE-22 | 6.8 | Medium | 2026-03-20
CVE-2026-33067 | SiYuan has Stored XSS to RCE via Unsanitized Bazaar Package Metadata | CWE-79 | 7.6 | - | 2026-03-20
CVE-2026-33066 | SiYuan has Stored XSS to RCE via Unsanitized Bazaar README Rendering | CWE-79 | 5.4 | - | 2026-03-20
CVE-2026-32940 | SiYuan has a SanitizeSVG bypass via data:text/xml in getDynamicIcon (incomplete fix for CVE-2026-29183) | CWE-79 | 9.3 | Critical | 2026-03-20
CVE-2026-32938 | SiYuan has an Arbitrary File Read in its Desktop Publish Service | CWE-22 | 9.9 | Critical | 2026-03-20
CVE-2026-32767 | SiYuan: Authorization Bypass Allows Arbitrary SQL Execution via Search API | CWE-89 | 9.8 | Critical | 2026-03-20

Values marked (AI) carry the page's own "AI" tag next to the score; "-" means the page gives no score or severity for that entry.
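The following is an added illustration, not code from SiYuan or from this page, of the ordering bug that two of the entries above describe in their titles: CVE-2026-44588 (an attribute escaper runs before `decodeURIComponent`, so `%3C` passes the escaper and is turned into `<` afterward) and CVE-2026-41894 (a path check runs after a single URL decode, so `%252e%252e` passes and is turned into `..` by a later decode). The names `escapeAttr`, `tooltipBuggy`, `tooltipFixed`, `hasTraversal`, `exportPathBuggy`, `canonicalDecode` and `exportPathFixed` are hypothetical stand-ins, and the inputs are constructed for the demo; nothing here reproduces SiYuan's actual code paths.

```javascript
// Added illustration, not SiYuan's code: validation or escaping that runs on a
// still-encoded representation is bypassed by whatever a later decode restores.
// All names below are hypothetical stand-ins; inputs are constructed for the demo.

const ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

// Hypothetical attribute escaper (stand-in for any HTML-attribute escaping helper).
function escapeAttr(s) {
  return s.replace(/[&<>"']/g, (c) => ESCAPES[c]);
}

// Buggy order: escape, then decode. The escaper sees "%3C", not "<", so it
// changes nothing, and decodeURIComponent restores the angle brackets.
function tooltipBuggy(title) {
  return decodeURIComponent(escapeAttr(title));
}

// Fixed order: decode to the form that will be rendered, then escape that form.
// A title that is not valid percent-encoding (e.g. "100%") is escaped as-is.
function tooltipFixed(title) {
  let decoded;
  try {
    decoded = decodeURIComponent(title);
  } catch (e) {
    decoded = title;
  }
  return escapeAttr(decoded);
}

// Path check: reject any ".." segment.
function hasTraversal(p) {
  return p.split("/").includes("..");
}

// Buggy order: check after one decode while a later layer decodes again.
// "%252e%252e" decodes to "%2e%2e" (passes the check) and then to "..".
function exportPathBuggy(reqPath) {
  const once = decodeURIComponent(reqPath);
  if (hasTraversal(once)) return null;
  return decodeURIComponent(once); // second decode happens downstream
}

// Decode until the string stops changing, with a bound; input that is still
// changing after maxRounds (layered encoding) is treated as hostile.
function canonicalDecode(s, maxRounds = 3) {
  let cur = s;
  for (let i = 0; i < maxRounds; i++) {
    let next;
    try {
      next = decodeURIComponent(cur);
    } catch (e) {
      return null; // malformed percent-encoding
    }
    if (next === cur) return cur; // reached a fixed point
    cur = next;
  }
  return null;
}

// Fixed order: canonicalize first, validate the canonical form, and never
// decode again after the check.
function exportPathFixed(reqPath) {
  const canonical = canonicalDecode(reqPath);
  if (canonical === null || hasTraversal(canonical)) return null;
  return canonical;
}

// Demo with constructed inputs.
const xssTitle = "%3Cimg src=x onerror=alert(1)%3E";
console.log("buggy tooltip:", tooltipBuggy(xssTitle));
console.log("fixed tooltip:", tooltipFixed(xssTitle));
const doublePath = "%252e%252e/conf.json";
console.log("buggy export :", exportPathBuggy(doublePath));
console.log("fixed export :", exportPathFixed(doublePath));
```

The rule is the same in both halves: bring the input to one canonical form first (decode to a fixed point, with a bound, or reject), validate or escape that form, and do not decode again afterward. An "incomplete fix" of the kind several entries above are tagged with typically results from tightening the check while leaving it on the wrong side of the decode.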
