Vendor CVEs
Siyuan Note
All CVEs
74 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-30869 | 0.00 | — | 0.01 | Mar 9, 2026 | SiYuan is a personal knowledge management system. Prior to 3.5.10, a path traversal vulnerability in the /export endpoint allows an attacker to read arbitrary files from the server filesystem. By exploiting double‑encoded traversal sequences, an attacker can access sensitive… | |||
| CVE-2026-30926 | 0.00 | — | 0.00 | Mar 9, 2026 | SiYuan is a personal knowledge management system. Prior to 3.5.10, a privilege escalation vulnerability exists in the publish service of SiYuan Note that allows low-privilege publish accounts (RoleReader) to modify notebook content via the /api/block/appendHeadingChildren API… | |||
| CVE-2026-29183 | 0.00 | — | 0.01 | Mar 6, 2026 | SiYuan is a personal knowledge management system. Prior to version 3.5.9, an unauthenticated reflected XSS vulnerability exists in the dynamic icon API endpoint "GET /api/icon/getDynamicIcon" when type=8, attacker-controlled content is embedded into SVG output without escaping.… | |||
| CVE-2026-29073 | 0.00 | — | 0.00 | Mar 6, 2026 | SiYuan is a personal knowledge management system. Prior to version 3.6.0, the /api/query/sql lets a user run sql directly, but it only checks basic auth, not admin rights, any logged-in user, even readers, can run any sql query on the database. This issue has been patched in… | |||
| CVE-2026-25992 | 0.00 | — | 0.01 | Feb 10, 2026 | SiYuan is a personal knowledge management system. Prior to 3.5.5, the /api/file/getFile endpoint uses case-sensitive string equality checks to block access to sensitive files. On case-insensitive file systems such as Windows, attackers can bypass restrictions using mixed-case… | |||
| CVE-2026-25647 | 0.00 | — | 0.00 | Feb 6, 2026 | Lute is a structured Markdown engine supporting Go and JavaScript. Lute 1.7.6 and earlier (as used in SiYuan before) has a Stored Cross-Site Scripting (XSS) vulnerability in the Markdown rendering engine. An attacker can inject malicious JavaScript into a Markdown text/note.… | |||
| CVE-2026-25539 | 0.00 | — | 0.01 | Feb 4, 2026 | SiYuan is a personal knowledge management system. Prior to version 3.5.5, the /api/file/copyFile endpoint does not validate the dest parameter, allowing authenticated users to write files to arbitrary locations on the filesystem. This can lead to Remote Code Execution (RCE) by… | |||
| CVE-2026-23852 | 0.00 | — | 0.01 | Jan 19, 2026 | SiYuan is a personal knowledge management system. Versions prior to 3.5.4 have a stored Cross-Site Scripting (XSS) vulnerability that allows an attacker to inject arbitrary HTML attributes into the `icon` attribute of a block via the `/api/attr/setBlockAttrs` API. The payload is… | |||
| CVE-2026-23851 | 0.00 | — | 0.00 | Jan 19, 2026 | SiYuan is a personal knowledge management system. Versions prior to 3.5.4 contain a logic vulnerability in the /api/file/globalCopyFiles endpoint. The function allows authenticated users to copy files from any location on the server's filesystem into the application's workspace… | |||
| CVE-2026-23847 | 0.00 | — | 0.00 | Jan 19, 2026 | SiYuan is a personal knowledge management system. Versions prior to 3.5.4 are vulnerable to reflected cross-site scripting in /api/icon/getDynamicIcon due to unsanitized SVG input. The endpoint generates SVG images for text icons (type=8). The content query parameter is inserted… | |||
| CVE-2026-23645 | 0.00 | — | 0.00 | Jan 16, 2026 | SiYuan is self-hosted, open source personal knowledge management software. Prior to 3.5.4-dev2, a Stored Cross-Site Scripting (XSS) vulnerability exists in SiYuan Note. The application does not sanitize uploaded SVG files. If a user uploads and views a malicious SVG file (e.g.,… | |||
| CVE-2025-68948 | 0.00 | — | 0.00 | Dec 27, 2025 | SiYuan is self-hosted, open source personal knowledge management software. In versions 3.5.1 and prior, the SiYuan Note application utilizes a hardcoded cryptographic secret for its session store. This unsafe practice renders the session encryption ineffective. Since the… | |||
| CVE-2025-67488 | 0.00 | — | 0.00 | Dec 9, 2025 | SiYuan is self-hosted, open source personal knowledge management software. Versions 0.0.0-20251202123337-6ef83b42c7ce and below contain function importZipMd which is vulnerable to ZipSlips, allowing an authenticated user to overwrite files on the system. An authenticated user… | |||
| CVE-2025-21609 | 0.00 | — | 0.01 | Jan 3, 2025 | SiYuan is self-hosted, open source personal knowledge management software. SiYuan Note version 3.1.18 has an arbitrary file deletion vulnerability. The vulnerability exists in the `POST /api/history/getDocHistoryContent` endpoint. An attacker can craft a payload to exploit this… | |||
| CVE-2024-55660 | 0.00 | — | 0.01 | Dec 11, 2024 | SiYuan is a personal knowledge management system. Prior to version 3.1.16, SiYuan's `/api/template/renderSprig` endpoint is vulnerable to Server-Side Template Injection (SSTI) through the Sprig template engine. Although the engine has limitations, it allows attackers to access… | |||
| CVE-2024-55659 | 0.00 | — | 0.00 | Dec 11, 2024 | SiYuan is a personal knowledge management system. Prior to version 3.1.16, the `/api/asset/upload` endpoint in Siyuan is vulnerable to both arbitrary file write to the host and stored cross-site scripting (via the file write). Version 3.1.16 contains a patch for the issue. | |||
| CVE-2024-55658 | 0.00 | — | 0.01 | Dec 11, 2024 | SiYuan is a personal knowledge management system. Prior to version 3.1.16, SiYuan's /api/export/exportResources endpoint is vulnerable to arbitary file read via path traversal. It is possible to manipulate the paths parameter to access and download arbitrary files from the host… | |||
| CVE-2024-55657 | 0.00 | — | 0.01 | Dec 11, 2024 | SiYuan is a personal knowledge management system. Prior to version 3.1.16, an arbitrary file read vulnerability exists in Siyuan's `/api/template/render` endpoint. The absence of proper validation on the path parameter allows attackers to access sensitive files on the host… | |||
| CVE-2024-53507 | 0.00 | — | 0.01 | Nov 29, 2024 | A SQL injection vulnerability was discovered in Siyuan 3.1.11 in /getHistoryItems. | |||
| CVE-2024-53506 | 0.00 | — | 0.01 | Nov 29, 2024 | A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the ids array parameter in /batchGetBlockAttrs. | |||
| CVE-2024-53505 | 0.00 | — | 0.01 | Nov 29, 2024 | A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the id parameter at /getAssetContent. | |||
| CVE-2024-53504 | 0.00 | — | 0.01 | Nov 29, 2024 | A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the notebook parameter in /searchHistory. | |||
| CVE-2024-6938 | 0.00 | — | 0.00 | Jul 21, 2024 | A vulnerability has been found in SiYuan 3.1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file PDF.js of the component PDF Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The… | |||
| CVE-2024-2692 | 0.00 | — | 0.01 | Apr 4, 2024 | SiYuan version 3.0.3 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to Server Side XSS. |
- CVE-2026-30869Mar 9, 2026risk 0.00cvss —epss 0.01
SiYuan is a personal knowledge management system. Prior to 3.5.10, a path traversal vulnerability in the /export endpoint allows an attacker to read arbitrary files from the server filesystem. By exploiting double‑encoded traversal sequences, an attacker can access sensitive…
- CVE-2026-30926Mar 9, 2026risk 0.00cvss —epss 0.00
SiYuan is a personal knowledge management system. Prior to 3.5.10, a privilege escalation vulnerability exists in the publish service of SiYuan Note that allows low-privilege publish accounts (RoleReader) to modify notebook content via the /api/block/appendHeadingChildren API…
- CVE-2026-29183Mar 6, 2026risk 0.00cvss —epss 0.01
SiYuan is a personal knowledge management system. Prior to version 3.5.9, an unauthenticated reflected XSS vulnerability exists in the dynamic icon API endpoint "GET /api/icon/getDynamicIcon" when type=8, attacker-controlled content is embedded into SVG output without escaping.…
- CVE-2026-29073Mar 6, 2026risk 0.00cvss —epss 0.00
SiYuan is a personal knowledge management system. Prior to version 3.6.0, the /api/query/sql lets a user run sql directly, but it only checks basic auth, not admin rights, any logged-in user, even readers, can run any sql query on the database. This issue has been patched in…
- CVE-2026-25992Feb 10, 2026risk 0.00cvss —epss 0.01
SiYuan is a personal knowledge management system. Prior to 3.5.5, the /api/file/getFile endpoint uses case-sensitive string equality checks to block access to sensitive files. On case-insensitive file systems such as Windows, attackers can bypass restrictions using mixed-case…
- CVE-2026-25647Feb 6, 2026risk 0.00cvss —epss 0.00
Lute is a structured Markdown engine supporting Go and JavaScript. Lute 1.7.6 and earlier (as used in SiYuan before) has a Stored Cross-Site Scripting (XSS) vulnerability in the Markdown rendering engine. An attacker can inject malicious JavaScript into a Markdown text/note.…
- CVE-2026-25539Feb 4, 2026risk 0.00cvss —epss 0.01
SiYuan is a personal knowledge management system. Prior to version 3.5.5, the /api/file/copyFile endpoint does not validate the dest parameter, allowing authenticated users to write files to arbitrary locations on the filesystem. This can lead to Remote Code Execution (RCE) by…
- CVE-2026-23852Jan 19, 2026risk 0.00cvss —epss 0.01
SiYuan is a personal knowledge management system. Versions prior to 3.5.4 have a stored Cross-Site Scripting (XSS) vulnerability that allows an attacker to inject arbitrary HTML attributes into the `icon` attribute of a block via the `/api/attr/setBlockAttrs` API. The payload is…
- CVE-2026-23851Jan 19, 2026risk 0.00cvss —epss 0.00
SiYuan is a personal knowledge management system. Versions prior to 3.5.4 contain a logic vulnerability in the /api/file/globalCopyFiles endpoint. The function allows authenticated users to copy files from any location on the server's filesystem into the application's workspace…
- CVE-2026-23847Jan 19, 2026risk 0.00cvss —epss 0.00
SiYuan is a personal knowledge management system. Versions prior to 3.5.4 are vulnerable to reflected cross-site scripting in /api/icon/getDynamicIcon due to unsanitized SVG input. The endpoint generates SVG images for text icons (type=8). The content query parameter is inserted…
- CVE-2026-23645Jan 16, 2026risk 0.00cvss —epss 0.00
SiYuan is self-hosted, open source personal knowledge management software. Prior to 3.5.4-dev2, a Stored Cross-Site Scripting (XSS) vulnerability exists in SiYuan Note. The application does not sanitize uploaded SVG files. If a user uploads and views a malicious SVG file (e.g.,…
- CVE-2025-68948Dec 27, 2025risk 0.00cvss —epss 0.00
SiYuan is self-hosted, open source personal knowledge management software. In versions 3.5.1 and prior, the SiYuan Note application utilizes a hardcoded cryptographic secret for its session store. This unsafe practice renders the session encryption ineffective. Since the…
- CVE-2025-67488Dec 9, 2025risk 0.00cvss —epss 0.00
SiYuan is self-hosted, open source personal knowledge management software. Versions 0.0.0-20251202123337-6ef83b42c7ce and below contain function importZipMd which is vulnerable to ZipSlips, allowing an authenticated user to overwrite files on the system. An authenticated user…
- CVE-2025-21609Jan 3, 2025risk 0.00cvss —epss 0.01
SiYuan is self-hosted, open source personal knowledge management software. SiYuan Note version 3.1.18 has an arbitrary file deletion vulnerability. The vulnerability exists in the `POST /api/history/getDocHistoryContent` endpoint. An attacker can craft a payload to exploit this…
- CVE-2024-55660Dec 11, 2024risk 0.00cvss —epss 0.01
SiYuan is a personal knowledge management system. Prior to version 3.1.16, SiYuan's `/api/template/renderSprig` endpoint is vulnerable to Server-Side Template Injection (SSTI) through the Sprig template engine. Although the engine has limitations, it allows attackers to access…
- CVE-2024-55659Dec 11, 2024risk 0.00cvss —epss 0.00
SiYuan is a personal knowledge management system. Prior to version 3.1.16, the `/api/asset/upload` endpoint in Siyuan is vulnerable to both arbitrary file write to the host and stored cross-site scripting (via the file write). Version 3.1.16 contains a patch for the issue.
- CVE-2024-55658Dec 11, 2024risk 0.00cvss —epss 0.01
SiYuan is a personal knowledge management system. Prior to version 3.1.16, SiYuan's /api/export/exportResources endpoint is vulnerable to arbitary file read via path traversal. It is possible to manipulate the paths parameter to access and download arbitrary files from the host…
- CVE-2024-55657Dec 11, 2024risk 0.00cvss —epss 0.01
SiYuan is a personal knowledge management system. Prior to version 3.1.16, an arbitrary file read vulnerability exists in Siyuan's `/api/template/render` endpoint. The absence of proper validation on the path parameter allows attackers to access sensitive files on the host…
- CVE-2024-53507Nov 29, 2024risk 0.00cvss —epss 0.01
A SQL injection vulnerability was discovered in Siyuan 3.1.11 in /getHistoryItems.
- CVE-2024-53506Nov 29, 2024risk 0.00cvss —epss 0.01
A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the ids array parameter in /batchGetBlockAttrs.
- CVE-2024-53505Nov 29, 2024risk 0.00cvss —epss 0.01
A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the id parameter at /getAssetContent.
- CVE-2024-53504Nov 29, 2024risk 0.00cvss —epss 0.01
A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the notebook parameter in /searchHistory.
- CVE-2024-6938Jul 21, 2024risk 0.00cvss —epss 0.00
A vulnerability has been found in SiYuan 3.1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file PDF.js of the component PDF Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The…
- CVE-2024-2692Apr 4, 2024risk 0.00cvss —epss 0.01
SiYuan version 3.0.3 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to Server Side XSS.
Page 2 of 2