B3log Siyuan
55 CVEs affecting B3log Siyuan. Latest disclosed: 2026-04-17. Critical: 23, High: 17.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2026-32938 | Critical | 9.9 | 2026-03-20 | SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the /api/lute/html2BlockDOM on the desktop copies local files pointed to by file… |
| CVE-2026-33670 | Critical | 9.8 | 2026-03-26 | SiYuan is a personal knowledge management system. Prior to version 3.6.2, the /api/file/readDir interface was used to traverse and retrieve the file names of a… |
| CVE-2026-33669 | Critical | 9.8 | 2026-03-26 | SiYuan is a personal knowledge management system. Prior to version 3.6.2, document IDs were retrieved via the /api/file/readDir interface, and then the /api/bl… |
| CVE-2026-32767 | Critical | 9.8 | 2026-03-20 | SiYuan is a personal knowledge management system. Versions 3.6.0 and below contain an authorization bypass vulnerability in the /api/search/fullTextSearchBlock… |
| CVE-2024-55660 | Critical | 9.8 | 2024-12-12 | SiYuan is a personal knowledge management system. Prior to version 3.1.16, SiYuan's `/api/template/renderSprig` endpoint is vulnerable to Server-Side Template… |
| CVE-2024-53507 | Critical | 9.8 | 2024-11-29 | A SQL injection vulnerability was discovered in Siyuan 3.1.11 in /getHistoryItems. |
| CVE-2024-53506 | Critical | 9.8 | 2024-11-29 | A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the ids array parameter in /batchGetBlockAttrs. |
| CVE-2024-53505 | Critical | 9.8 | 2024-11-29 | A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the id parameter at /getAssetContent. |
| CVE-2024-53504 | Critical | 9.8 | 2024-11-29 | A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the notebook parameter in /searchHistory. |
| CVE-2026-34449 | Critical | 9.6 | 2026-03-31 | SiYuan is a personal knowledge management system. Prior to version 3.6.2, a malicious website can achieve Remote Code Execution (RCE) on any desktop running Si… |
| CVE-2026-23852 | Critical | 9.6 | 2026-01-19 | SiYuan is a personal knowledge management system. Versions prior to 3.5.4 have a stored Cross-Site Scripting (XSS) vulnerability that allows an attacker to inj… |
| CVE-2026-32940 | Critical | 9.3 | 2026-03-20 | SiYuan is a personal knowledge management system. In versions 3.6.0 and below, SanitizeSVG has an incomplete blocklist — it blocks data:text/html and data:imag… |
| CVE-2026-30869 | Critical | 9.3 | 2026-03-10 | SiYuan is a personal knowledge management system. Prior to 3.5.10, a path traversal vulnerability in the /export endpoint allows an attacker to read arbitrary… |
| CVE-2026-29183 | Critical | 9.3 | 2026-03-06 | SiYuan is a personal knowledge management system. Prior to version 3.5.9, an unauthenticated reflected XSS vulnerability exists in the dynamic icon API endpoin… |
| CVE-2026-25539 | Critical | 9.1 | 2026-02-04 | SiYuan is a personal knowledge management system. Prior to version 3.5.5, the /api/file/copyFile endpoint does not validate the dest parameter, allowing authen… |
| CVE-2025-21609 | Critical | 9.1 | 2025-01-03 | SiYuan is self-hosted, open source personal knowledge management software. SiYuan Note version 3.1.18 has an arbitrary file deletion vulnerability. The vulnera… |
| CVE-2026-40322 | Critical | 9.0 | 2026-04-16 | SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and below, Mermaid diagrams are rendered with securityLevel set to "loose", an… |
| CVE-2026-39846 | Critical | 9.0 | 2026-04-07 | SiYuan is a personal knowledge management system. Prior to 3.6.4, a malicious note synced to another user can trigger remote code execution in the SiYuan Elect… |
| CVE-2026-34448 | Critical | 9.0 | 2026-03-31 | SiYuan is a personal knowledge management system. Prior to version 3.6.2, an attacker who can place a malicious URL in an Attribute View mAsse field can trigge… |
| CVE-2026-33067 | Critical | 9.0 | 2026-03-20 | SiYuan is a personal knowledge management system. Versions 3.6.0 and below render package metadata fields (displayName, description) using template literals wi… |