SiYuan Flaws Exposed Files and Enabled Desktop Command Execution
SiYuan disclosed two high-severity vulnerabilities affecting its personal knowledge management platform, including an arbitrary file-read issue tracked as CVE-2026-32938 and a stored XSS flaw tracked as CVE-2026-34448. In SiYuan 3.6.0 and earlier, the desktop publish service endpoint /api/lute/html2BlockDOM could copy local files referenced through file:// links into the workspace assets directory without properly validating sensitive paths. Because authenticated users could then access GET /assets/*path, a publish-service visitor could exfiltrate readable local files from the desktop environment. The issue was fixed in 3.6.1.
A separate flaw in SiYuan before 3.6.2 allowed an attacker to plant a malicious URL in an Attribute View field and trigger stored XSS when a victim opened Gallery or Kanban views configured with "Cover From -> Asset Field". The application accepted arbitrary HTTP(S) URLs without extensions as images and injected them into an <img src="..."> attribute without escaping. In the Electron desktop client, where nodeIntegration was enabled and contextIsolation was disabled, the XSS could escalate to arbitrary operating-system command execution under the victim’s account. SiYuan patched the command-execution path in 3.6.2, leaving affected organizations to prioritize upgrades across both releases.
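Hardening the two layers the description above names, as an added example (not SiYuan's code): scheme validation plus attribute escaping for the cover value that lands in `<img src="...">`, beside the Electron `webPreferences` that keep a renderer XSS from reaching Node APIs. Function names and the `example.invalid` host are constructed.

```javascript
// Added example, not SiYuan's code: the untrusted cover value comes from an
// Attribute View field and is rendered into an <img src="..."> attribute.
const ALLOWED_COVER_SCHEMES = new Set(["http:", "https:"]);

// Escape the characters that can terminate a quoted HTML attribute or start
// a new tag; applied after URL normalisation so '&' in query strings is safe.
function escapeAttr(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, (c) => map[c]);
}

// Accept only absolute http(s) URLs. javascript:, file:, data: and anything
// that fails to parse are rejected. Returns the normalised href or null.
function validateCoverUrl(raw) {
  let url;
  try { url = new URL(String(raw)); } catch { return null; }
  return ALLOWED_COVER_SCHEMES.has(url.protocol) ? url.href : null;
}

// Vulnerable shape (for contrast only): the field value is interpolated verbatim,
// so a double quote in it ends the src attribute and whatever follows is markup.
function coverImgUnsafe(raw) {
  return `<img src="${raw}">`;
}

// Hardened shape: allowlist the scheme, then escape the attribute value.
// Rejected values render a neutral placeholder instead of the untrusted string.
function coverImgSafe(raw) {
  const url = validateCoverUrl(raw);
  if (url === null) return '<img src="" alt="cover unavailable">';
  return `<img src="${escapeAttr(url)}" alt="">`;
}

// Electron renderer settings: the combination the advisory describes, next to
// the one that keeps a DOM XSS confined to the page (no Node APIs, isolated
// preload world, OS sandbox). Pass the latter as webPreferences to BrowserWindow.
const WEAK_WEB_PREFERENCES = { nodeIntegration: true, contextIsolation: false };
const HARDENED_WEB_PREFERENCES = { nodeIntegration: false, contextIsolation: true, sandbox: true };

// Check a configuration object against the hardened baseline (constructed helper).
function isRendererHardened(prefs) {
  return prefs.nodeIntegration === false && prefs.contextIsolation === true;
}
```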
Timeline
Mar 31, 2026
CVE-2026-34448 disclosed for SiYuan stored XSS in Attribute View
CVE-2026-34448 was disclosed on March 31, 2026, describing a stored XSS flaw in SiYuan's Attribute View gallery and kanban cover rendering. An attacker able to place a malicious URL in an Attribute View field could trigger code execution when a victim opened the affected view with cover rendering enabled.
Mar 31, 2026
SiYuan patches stored XSS-to-RCE flaw in version 3.6.2
SiYuan fixed a stored XSS vulnerability in version 3.6.2; all earlier versions were affected. In the Electron desktop client, the bug could escalate to arbitrary OS command execution because nodeIntegration was enabled and contextIsolation was disabled.
Mar 20, 2026
GitHub advisory discloses CVE-2026-32938 in SiYuan
A GitHub security advisory disclosed CVE-2026-32938 on March 20, 2026. The issue affected SiYuan's Desktop Publish Service and was classified as an arbitrary file read vulnerability.
Mar 20, 2026
SiYuan fixes arbitrary file read in version 3.6.1
SiYuan addressed an arbitrary file read vulnerability affecting version 3.6.0 and earlier in release 3.6.1. The flaw allowed a publish-service visitor to cause the desktop kernel to copy readable local files into workspace assets and retrieve them, enabling sensitive file exfiltration.
Related Stories

SiYuan Mermaid Rendering Flaws Expose NTLM Hashes and Enable Electron RCE
GitHub security advisories disclosed two high-severity vulnerabilities in **SiYuan** that stem from unsafe Mermaid diagram rendering in versions `3.6.3` and earlier. In `CVE-2026-40107`, SiYuan rendered Mermaid content with `securityLevel="loose"` and `htmlLabels` enabled, allowing attacker-controlled `img` tags to survive sanitization and be injected into SVG `foreignObject` content through `innerHTML`. When a victim opens a malicious note, the Electron client can fetch an attacker-controlled URL; on Windows, protocol-relative paths may resolve to UNC shares and trigger automatic SMB authentication, leaking the victim's **NTLMv2** hash. The issue was fixed in version `3.6.4` and mapped to `CWE-918`. A second flaw, `CVE-2026-40322`, used the same Mermaid configuration weakness to allow `javascript:` links to persist in rendered SVG output, creating a stored **XSS** condition. In SiYuan's Electron desktop application, where `nodeIntegration` was enabled and `contextIsolation` disabled, the bug could be escalated to arbitrary code execution if a user opened a malicious note and clicked the rendered diagram node. The vulnerability affects the same pre-`3.6.4` release line and is mapped to `CWE-79` and `CWE-94`, with advisory details describing high impact to confidentiality, integrity, and availability.
2 weeks ago
Cross-Site Scripting Vulnerabilities in SiYuan, Angular, and @leanprover/unicode-input-component
Multiple newly reported **cross-site scripting (XSS)** vulnerabilities affect unrelated software products, including **SiYuan**, **Angular**, and **@leanprover/unicode-input-component**. In SiYuan, incomplete SVG sanitization can let an unauthenticated attacker deliver a crafted URL that executes arbitrary JavaScript in the application's origin, enabling theft of session tokens, cookies, and API keys, as well as unauthorized access to notes, document contents, and configuration data. In Electron-based deployments, the impact may escalate to **remote code execution** if insecure web preferences such as `nodeIntegration` are enabled or `contextIsolation` is disabled. Angular disclosed a separate XSS flaw, tracked as **CVE-2026-32635**, caused by a sanitization bypass involving internationalized security-sensitive attributes such as `href` when combined with untrusted data binding; fixed versions include `22.0.0-next.3`, `21.2.4`, `20.3.18`, and `19.2.20`. A third, distinct issue, **CVE-2026-32732**, affects **@leanprover/unicode-input-component** and allows arbitrary JavaScript execution in a victim's browser session, potentially enabling session abuse, data access, and unauthorized backend requests. These are separate vulnerability disclosures rather than a single coordinated incident.
1 month ago
Code Execution Flaws Expose Vim netrw and SiYuan Users to Endpoint Compromise
Two newly disclosed vulnerabilities affect widely used desktop productivity tools and could let attackers execute code in the context of the logged-in user. **CVE-2026-28417** impacts Vim's `netrw` plugin and allows OS command injection with user interaction, potentially exposing the victim's files, environment variables, and active authentication tokens. The issue is rated **CVSS 4.4 (Medium)** and appears limited to local exploitation, but it could still support persistence, sensitive file theft, or follow-on lateral movement from a developer workstation. A more severe flaw, **CVE-2026-39846**, affects the SiYuan Electron client and enables remote code execution through a stored XSS condition delivered via synchronized note content. The vulnerability carries a **CVSS 9.1** rating and can be triggered when a user opens a malicious synchronized note, allowing silent background execution with the victim user's privileges. Reporting indicates a proof of concept exists, making targeted compromise plausible even though neither issue was reported as actively exploited at disclosure and the Vim flaw was not listed in CISA's Known Exploited Vulnerabilities catalog.
3 weeks ago