GO-2024-3323: SiYuan has an arbitrary file read and path traversal via /api/export/exportResources in github.com/siyuan-note/siyuan/kernel
GO-2024-3324: SiYuan has an SSTI via /api/template/renderSprig in github.com/siyuan-note/siyuan/kernel
GO-2024-3326: SiYuan has an arbitrary file write in the host via /api/asset/upload in github.com/siyuan-note/siyuan/kernel
GO-2024-3327: SiYuan has an arbitrary file read via /api/template/render in github.com/siyuan-note/siyuan/kernel
GO-2025-3362: SiYuan has an arbitrary file deletion vulnerability in github.com/siyuan-note/siyuan/kernel
GO-2025-4219: SiYuan vulnerable to RCE via zip slip and Command Injection via PandocBin in github.com/siyuan-note/siyuan/kernel
GO-2025-4221: SiYuan: ZipSlip -> Arbitrary File Overwrite -> RCE in github.com/siyuan-note/siyuan/kernel
GO-2026-4386: SiYuan File Read API Case Sensitivity Bypass can Lead to Path Traversal in github.com/siyuan-note/siyuan/kernel
GO-2026-4387: SiYuan has Arbitrary File Write via /api/file/copyFile leading to RCE in github.com/siyuan-note/siyuan/kernel
GO-2026-4592: SiYuan's direct SQL Query API accessible to Reader-level users enables unauthorized database access in github.com/siyuan-note/siyuan/kernel
GO-2026-4646: SiYuan Vulnerable to Path Traversal in /export Endpoint Allows Arbitrary File Read and Secret Leakage in github.com/siyuan-note/siyuan/kernel
GO-2026-4658: SiYuan: Authorization Bypass Allows Low-Privilege Publish User to Modify Notebook Content via /api/block/appendHeadingChildren in github.com/siyuan-note/siyuan/kernel
GO-2026-4685: SiYuan has a Full-Read SSRF via /api/network/forwardProxy in github.com/siyuan-note/siyuan/kernel
GO-2026-4700: SiYuan's renderSprig has a missing admin check that allows any user to read full workspace DB in github.com/siyuan-note/siyuan/kernel
GO-2026-4705: SiYuan globalCopyFiles: incomplete sensitive path blocklist allows reading /proc and Docker secrets in github.com/siyuan-note/siyuan/kernel
GO-2026-4706: SiYuan Vulnerable to Remote Code Execution via Stored XSS in Notebook Name - Mobile Interface in github.com/siyuan-note/siyuan/kernel
GO-2026-4707: SiYuan importSY/importZipMd: path traversal via multipart filename enables arbitrary file write in github.com/siyuan-note/siyuan/kernel
GO-2026-4709: SiYuan Vulnerable to Cross-Origin WebSocket Hijacking via Authentication Bypass — Unauthenticated Information Disclosure in github.com/siyuan-note/siyuan/kernel
GO-2026-4716: SiYuan: Authorization Bypass Allows Arbitrary SQL Execution via Search API in github.com/siyuan-note/siyuan/kernel
GO-2026-4722: SiYuan Vulnerable to Arbitrary File Read in Desktop Publish Service in github.com/siyuan-note/siyuan/kernel
GO-2026-4752: SiYuan has an Unauthenticated WebSocket DoS via Auth Keepalive Bypass in github.com/siyuan-note/siyuan/kernel
GO-2026-4766: SiYuan has an Incomplete Fix for IsSensitivePath Denylist Allows File Read from /opt, /usr, /home (GHSA-h5vh-m7fg-w5h6 Bypass) in github.com/siyuan-note/siyuan/kernel
GO-2026-4802: Siyuan has an Unauthenticated Arbitrary File Read via Path Traversal in github.com/siyuan-note/siyuan/kernel
GO-2026-4842: SiYuan has Arbitrary Document Reading within the Publishing Service in github.com/siyuan-note/siyuan/kernel
GO-2026-4843: SiYuan has directory traversal within its publishing service in github.com/siyuan-note/siyuan/kernel
GO-2026-4992: SiYuan Affected by Stored XSS via Attribute View Name to Electron Renderer RCE in github.com/siyuan-note/siyuan/kernel
GO-2026-4993: SiYuan: Electron Renderer RCE via decodeURIComponent-driven tooltip XSS in aria-label sink (incomplete fix for CVE-2026-34585) in github.com/siyuan-note/siyuan/kernel
GO-2026-5001: SiYuan Bazaar marketplace renders unescaped package `name` and `version` metadata, allowing stored XSS and Electron code execution in github.com/siyuan-note/siyuan/kernel
Documentation
¶
Source Files