CVE-2026-30869
CRITICAL
GHSA-2h2p-mvfx-868w
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
Lifecycle Timeline
3Tags
Description
SiYuan is a personal knowledge management system. Prior to 3.5.10, a path traversal vulnerability in the /export endpoint allows an attacker to read arbitrary files from the server filesystem. By exploiting double‑encoded traversal sequences, an attacker can access sensitive files such as conf/conf.json, which contains secrets including the API token, cookie signing key, and workspace access authentication code. Leaking these secrets may enable administrative access to the SiYuan kernel API, and in certain deployment scenarios could potentially be chained into remote code execution (RCE). This vulnerability is fixed in 3.5.10.
Analysis
SiYuan prior to 3.5.10 has a path traversal vulnerability enabling arbitrary file access through crafted API requests.
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all SiYuan instances and versions in use across the organization; isolate affected systems from production networks if business operations permit. Within 7 days: Implement network segmentation to restrict SiYuan access to authorized users only; deploy WAF rules to block path traversal patterns; disable any non-essential SiYuan features. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today