Known Vulnerabilities for products from B3log
Listed below are 20 of the newest known vulnerabilities associated with the vendor "B3log".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40922 json | SiYuan is an open-source personal knowledge management system. In versions 3.6.1 through 3.6.3, a prior fix for XSS in bazaar... | Not Provided | 2026-04-17 | 2026-04-20 |
| CVE-2026-40322 json | SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and below, Mermaid diagrams are rendered wit... | Not Provided | 2026-04-16 | 2026-04-20 |
| CVE-2026-40318 json | SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and prior, the /api/av/removeUnusedAttribute... | Not Provided | 2026-04-16 | 2026-04-20 |
| CVE-2026-40259 json | SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and below, the /api/av/removeUnusedAttribute... | Not Provided | 2026-04-16 | 2026-04-20 |
| CVE-2026-40107 json | SiYuan is a personal knowledge management system. Prior to 3.6.4, SiYuan configures Mermaid.js with securityLevel: "loose" an... | Not Provided | 2026-04-09 | 2026-04-16 |
| CVE-2026-39846 json | SiYuan is a personal knowledge management system. Prior to 3.6.4, a malicious note synced to another user can trigger remote ... | Not Provided | 2026-04-07 | 2026-04-16 |
| CVE-2026-34605 json | SiYuan is a personal knowledge management system. From version 3.6.0 to before version 3.6.2, the SanitizeSVG function introd... | Not Provided | 2026-03-31 | 2026-04-03 |
| CVE-2026-34585 json | SiYuan is a personal knowledge management system. Prior to version 3.6.2, a vulnerability allows crafted block attribute valu... | Not Provided | 2026-03-31 | 2026-04-03 |
| CVE-2026-34453 json | SiYuan is a personal knowledge management system. Prior to version 3.6.2, the publish service exposes bookmarked blocks from ... | Not Provided | 2026-03-31 | 2026-04-03 |
| CVE-2026-34449 json | SiYuan is a personal knowledge management system. Prior to version 3.6.2, a malicious website can achieve Remote Code Executi... | Not Provided | 2026-03-31 | 2026-04-03 |
| CVE-2026-34448 json | SiYuan is a personal knowledge management system. Prior to version 3.6.2, an attacker who can place a malicious URL in an Att... | Not Provided | 2026-03-31 | 2026-04-03 |
| CVE-2026-33670 json | SiYuan is a personal knowledge management system. Prior to version 3.6.2, the /api/file/readDir interface was used to travers... | Not Provided | 2026-03-26 | 2026-03-30 |
| CVE-2026-33669 json | SiYuan is a personal knowledge management system. Prior to version 3.6.2, document IDs were retrieved via the /api/file/readD... | Not Provided | 2026-03-26 | 2026-03-30 |
| CVE-2026-23850 json | SiYuan is a personal knowledge management system. In versions prior to 3.5.4, the markdown feature allows unrestricted server... | Not Provided | 2026-01-19 | 2026-04-29 |
| CVE-2026-1813 json | Not Provided | 2026-02-04 | 2026-02-23 | |
| CVE-2026-1812 json | Not Provided | 2026-02-03 | 2026-02-23 | |
| CVE-2026-1811 json | Not Provided | 2026-02-03 | 2026-02-23 | |
| CVE-2026-1810 json | Not Provided | 2026-02-03 | 2026-02-23 | |
| CVE-2026-1691 json | Not Provided | 2026-01-30 | 2026-02-23 | |
| CVE-2022-0350 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.4 - MEDIUM | 2022-03-31 | 2023-03-07 |