目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%
请我们喝杯咖啡

siyuan-note 厂商漏洞列表 / CVE 中文分析 67

siyuan-note 厂商相关 67 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。

SiYuan Note 是一款开源双链笔记应用,核心用途为本地优先的知识管理与内容创作。截至最新统计,该项目已收录 51 条 CVE,历史漏洞多集中于跨站脚本(XSS)、任意文件读取及越权访问,部分版本存在远程代码执行风险。其安全特性强调数据本地化存储,但插件系统与 Web 接口曾暴露攻击面。用户需关注官方更新以修复已知缺陷,确保笔记数据安全。

Top products by siyuan-note: siyuan
CVE ID标题CVSS风险等级Published
CVE-2026-55570 思源笔记 Electron 远程代码执行漏洞 — siyuanCWE-79 9.0 Critical2026-06-24
CVE-2026-54759 思源笔记 Lute 解析 `<iframe>` 标签导致任意代码执行漏洞 — siyuanCWE-79--2026-06-24
CVE-2026-50551 思源笔记存储型XSS致远程代码执行漏洞 — siyuanCWE-79 9.9 Critical2026-06-24
CVE-2026-54158 思源笔记 genAVValueHTML 函数存储型XSS转远程代码执行漏洞 — siyuanCWE-79 9.9 Critical2026-06-24
CVE-2026-54070 思源笔记 Bazaar市场包README存储型XSS漏洞 — siyuanCWE-79 7.1 High2026-06-24
CVE-2026-54069 思源笔记 未授权管理员 API 访问漏洞 — siyuanCWE-346--2026-06-24
CVE-2026-54068 思源笔记 /api/icon/getDynamicIcon 模板注入致SQLite数据泄露漏洞 — siyuanCWE-306 5.9 Medium2026-06-24
CVE-2026-54067 思源笔记存储型XSS经CSS突破至远程代码执行 — siyuanCWE-79 9.9 Critical2026-06-24
CVE-2026-54066 思源笔记 /assets/*path 路径穿越漏洞 — siyuanCWE-22 7.5 High2026-06-24
CVE-2026-44670 SiYuan 跨站脚本漏洞 — siyuanCWE-79--2026-05-14
CVE-2026-44588 SiYuan 跨站脚本漏洞 — siyuanCWE-79--2026-05-14
CVE-2026-45147 SiYuan 授权问题漏洞 — siyuanCWE-285 4.3 Medium2026-05-14
CVE-2026-45148 SiYuan 安全漏洞 — siyuanCWE-863 4.3 Medium2026-05-14
CVE-2026-45371 SiYuan 授权问题漏洞 — siyuanCWE-285--2026-05-14
CVE-2026-45375 SiYuan 跨站脚本漏洞 — siyuanCWE-79 9.0 Critical2026-05-14
CVE-2026-44586 SiYuan 跨站脚本漏洞 — siyuanCWE-79 8.3 High2026-05-14
CVE-2026-41894 SiYuan 路径遍历漏洞 — siyuanCWE-22 6.5AIMediumAI2026-04-24
CVE-2026-41421 SiYuan 操作系统命令注入漏洞 — siyuanCWE-78 8.8 High2026-04-24
CVE-2026-40922 SiYuan 安全漏洞 — siyuanCWE-79 5.4AIMediumAI2026-04-16
CVE-2026-40322 SiYuan 安全漏洞 — siyuanCWE-79 9.1 Critical2026-04-16
CVE-2026-40318 SiYuan 安全漏洞 — siyuanCWE-24 8.5 High2026-04-16
CVE-2026-40259 SiYuan 安全漏洞 — siyuanCWE-285 8.1 High2026-04-16
CVE-2026-40107 SiYuan 代码问题漏洞 — siyuanCWE-918 6.1AIMediumAI2026-04-09
CVE-2026-39846 SiYuan 代码注入漏洞 — siyuanCWE-79 9.1 Critical2026-04-07
CVE-2026-34605 SiYuan 跨站脚本漏洞 — siyuanCWE-79 6.1 -2026-03-31
CVE-2026-34585 SiYuan 代码注入漏洞 — siyuanCWE-79 8.6 High2026-03-31
CVE-2026-34449 SiYuan 安全漏洞 — siyuanCWE-942 9.7 Critical2026-03-31
CVE-2026-34448 SiYuan 代码注入漏洞 — siyuanCWE-79 9.1 Critical2026-03-31
CVE-2026-34453 SiYuan 安全漏洞 — siyuanCWE-863 7.5 High2026-03-31
CVE-2026-33670 SiYuan 路径遍历漏洞 — siyuanCWE-22 9.8 Critical2026-03-26

本页汇总了 siyuan-note 厂商截至目前公开的全部 67 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。