Known Vulnerabilities for Siyuan by B3log

Listed below are 10 of the newest known vulnerabilities associated with "Siyuan" by "B3log".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-59855 json SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, Asset.render in app/src/asset/index.ts interpo... Not Provided 2026-07-09 2026-07-09
CVE-2026-59854 json SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, POST /api/file/globalCopyFiles accepts attacke... Not Provided 2026-07-09 2026-07-10
CVE-2026-59853 json SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, the /api/storage/getCriteria endpoint returns ... Not Provided 2026-07-09 2026-07-10
CVE-2026-59834 json SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, the block search endpoint POST /api/search/ful... Not Provided 2026-07-09 2026-07-10
CVE-2026-59833 json SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, SiYuan renders note and package content to HTM... Not Provided 2026-07-09 2026-07-10
CVE-2026-59832 json SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, the /snippets/*filepath route handler serveSni... Not Provided 2026-07-09 2026-07-10
CVE-2026-56397 json SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious pack... Not Provided 2026-06-21 2026-06-24
CVE-2026-56395 json SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious pack... Not Provided 2026-06-21 2026-06-22
CVE-2026-55570 json SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, it does not escape the untrusted fields (name,... Not Provided 2026-06-24 2026-06-25
CVE-2026-54759 json SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, Lute's HTML sanitizer does not remove