Path Traversal in Siyuan-note Siyuan
CVE-2026-41894
SiYuan is an open-source personal knowledge management system. Prior to 3.6.5, the fix for CVE-2026-30869 only added a denylist check (IsSensitivePath) but did not address the root cause — a redundant url.PathUnescape() call in serveExport…
Vulnerability class: Path Traversal (Directory Traversal)
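An added Go example (not SiYuan's code and not the project's patch) of the pattern the description names: a second `url.PathUnescape()` on an already-decoded path, guarded only by a denylist, beside a version that skips the extra decode and enforces containment. `exportRoot`, `denylist`, `isDenied`, `resolveVulnerable`, `resolveHardened` and the sample path are constructed for illustration, and the example assumes the HTTP layer has already percent-decoded the request path once, as Go's `net/http` does for `URL.Path`.

```go
package main

import (
	"fmt"
	"net/url"
	"path/filepath"
	"strings"
)

// Constructed values for illustration; not SiYuan's real layout or denylist.
const exportRoot = "/srv/app/export"

var denylist = []string{"/srv/app/conf", "/etc"}

// isDenied is a hypothetical stand-in for a denylist check like IsSensitivePath.
func isDenied(p string) bool {
	for _, d := range denylist {
		if p == d || strings.HasPrefix(p, d+"/") {
			return true
		}
	}
	return false
}

// resolveVulnerable decodes a path that the HTTP layer already decoded once,
// so encoded dot segments become real ".." before the join.
func resolveVulnerable(reqPath string) (string, bool) {
	decoded, err := url.PathUnescape(reqPath) // redundant second decode
	if err != nil {
		return "", false
	}
	full := filepath.Join(exportRoot, decoded)
	return full, !isDenied(full) // denylist only; no containment check
}

// resolveHardened uses the path as received and requires the result to stay
// under exportRoot, whatever the denylist says.
func resolveHardened(reqPath string) (string, bool) {
	full := filepath.Join(exportRoot, reqPath)
	rel, err := filepath.Rel(exportRoot, full)
	if err != nil || rel == ".." || strings.HasPrefix(rel, "../") {
		return "", false
	}
	return full, true
}

func main() {
	once := "%2e%2e/%2e%2e/other/file.txt" // constructed: path after one decode
	fmt.Println(resolveVulnerable(once))   // escapes exportRoot, passes denylist
	fmt.Println(resolveHardened(once))     // literal name, stays under exportRoot
}
```

The denylist never fires in the first case because the resolved path is outside the root but not on the list, which is why a containment check is the more robust control.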
EPSS: 0.001 (16.7th percentile)
Affected products
- Siyuan-note Siyuan — versions < 3.6.5
Weakness classification (CWE)
References
- https://github.com/siyuan-note/siyuan/security/advisories/GHSA-hjh7-r5w8-5872 (x_refsource_CONFIRM)
- https://github.com/siyuan-note/siyuan/commit/bb481e1290c4a34255652ede85a546504505d2a7 (x_refsource_MISC)
- https://github.com/siyuan-note/siyuan/releases/tag/v3.6.5 (x_refsource_MISC)