| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-41894 | SiYuan: Incomplete Fix Bypass for CVE-2026-30869: Path Traversal via Double URL Encoding in `/export/` Endpoint | siyuan-note | siyuan | - | - | 2026-04-24 18:56:54 | Deep Dive |
| CVE-2026-41421 | SiYuan Desktop Notification XSS Leads to Electron RCE | siyuan-note | siyuan | High | 8.8 | 2026-04-24 18:53:50 | Deep Dive |
| CVE-2026-40922 | SiYuan: Incomplete sanitization of bazaar README allows stored XSS via iframe srcdoc (incomplete fix for CVE-2026-33066) | siyuan-note | siyuan | - | - | 2026-04-16 23:14:01 | Deep Dive |
| CVE-2026-40322 | SiYuan: Mermaid `javascript:` Link Injection Leads to Stored XSS and Electron RCE | siyuan-note | siyuan | Critical | 9.0 | 2026-04-16 23:00:08 | Deep Dive |
| CVE-2026-40318 | SiYuan: Publish Reader Path Traversal Delete via `removeUnusedAttributeView` | siyuan-note | siyuan | High | 8.5 | 2026-04-16 22:54:48 | Deep Dive |
| CVE-2026-40259 | SiYuan: Publish Reader Can Arbitrarily Delete Attribute View Files via removeUnusedAttributeView API | siyuan-note | siyuan | High | 8.1 | 2026-04-16 22:49:37 | Deep Dive |
| CVE-2026-40107 | SiYuan Affected by Zero-Click NTLM Hash Theft and Blind SSRF via Mermaid Diagram Rendering | siyuan-note | siyuan | - | - | 2026-04-09 21:03:59 | Deep Dive |
| CVE-2026-39846 | SiYuan affected by Remote Code Execution in the Electron desktop client via stored XSS in synced table captions | siyuan-note | siyuan | Critical | 9.0 | 2026-04-07 21:34:29 | Deep Dive |
| CVE-2026-34605 | SiYuan: Reflected XSS via SVG namespace prefix bypass in SanitizeSVG (getDynamicIcon, unauthenticated) | siyuan-note | siyuan | Medium | - | 2026-03-31 21:50:10 | Deep Dive |
| CVE-2026-34585 | SiYuan: Stored XSS in imported .sy.zip content leads to arbitrary command execution | siyuan-note | siyuan | High | 8.6 | 2026-03-31 21:47:02 | Deep Dive |
| CVE-2026-34449 | SiYuan: Cross-Origin RCE via Permissive CORS Policy and JavaScript Snippet Injection | siyuan-note | siyuan | Critical | 9.6 | 2026-03-31 21:45:17 | Deep Dive |
| CVE-2026-34448 | SiYuan: Stored XSS in Attribute View gallery/kanban cover rendering allows arbitrary command execution in the desktop client | siyuan-note | siyuan | Critical | 9.0 | 2026-03-31 21:44:37 | Deep Dive |
| CVE-2026-34453 | SiYuan: Broken access control in /api/bookmark/getBookmark allows unauthenticated publish visitors to read password-protected bookmarked content | siyuan-note | siyuan | High | 7.5 | 2026-03-31 21:43:32 | Deep Dive |
| CVE-2026-33670 | SiYuan has directory traversal within its publishing service | siyuan-note | siyuan | Critical | 9.8 | 2026-03-26 21:15:57 | Deep Dive |
| CVE-2026-33669 | SiYuan has Arbitrary Document Reading within the Publishing Service | siyuan-note | siyuan | Critical | 9.8 | 2026-03-26 21:14:43 | Deep Dive |
| CVE-2026-33476 | SiYuan has an Unauthenticated Arbitrary File Read via Path Traversal | siyuan-note | siyuan | High | 7.5 | 2026-03-20 22:34:40 | Deep Dive |
| CVE-2026-33203 | SiYuan has an Unauthenticated WebSocket DoS via Auth Keepalive Bypass | siyuan-note | siyuan | High | 7.5 | 2026-03-20 22:32:33 | Deep Dive |
| CVE-2026-33194 | SiYuan has an Incomplete Fix for the IsSensitivePath Denylist That Allows File Read from /opt, /usr, /home | siyuan-note | siyuan | Medium | 6.8 | 2026-03-20 22:30:33 | Deep Dive |
| CVE-2026-33067 | SiYuan has Stored XSS to RCE via Unsanitized Bazaar Package Metadata | siyuan-note | siyuan | Medium | - | 2026-03-20 08:14:54 | Deep Dive |
| CVE-2026-33066 | SiYuan has Stored XSS to RCE via Unsanitized Bazaar README Rendering | siyuan-note | siyuan | Medium | - | 2026-03-20 08:11:53 | Deep Dive |