Severity by source
AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionGitHub Advisory
SiYuan is a personal knowledge management system. Prior to version 3.6.2, a malicious website can achieve Remote Code Execution (RCE) on any desktop running SiYuan by exploiting the permissive CORS policy (Access-Control-Allow-Origin: * + Access-Control-Allow-Private-Network: true) to inject a JavaScript snippet via the API. The injected snippet executes in Electron's Node.js context with full OS access the next time the user opens SiYuan's UI. No user interaction is required beyond visiting the malicious website while SiYuan is running. This issue has been patched in version 3.6.2.
AnalysisAI
Remote code execution in SiYuan desktop application (versions prior to 3.6.2) allows unauthenticated remote attackers to execute arbitrary code with full operating system privileges through CORS misconfiguration. A malicious website can inject JavaScript into the Electron-based application's Node.js context via the permissive API (Access-Control-Allow-Origin: * with Access-Control-Allow-Private-Network: true), which executes with OS-level access when the user next opens SiYuan's interface. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | SiYuan desktop versions prior to 3.6.2 with permissive CORS policy (Access-Control-Allow-Origin: * and Access-Control-Allow-Private-Network: true) enabled. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | Real-world risk is high despite requiring user interaction (UI:R). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker hosts a malicious website containing JavaScript that targets SiYuan's localhost API. When a victim running SiYuan (pre-3.6.2) visits this site during normal web browsing, the permissive CORS policy allows the attacker's script to make cross-origin requests to inject a persistent JavaScript payload via the API. … |
| Remediation | Upgrade immediately to SiYuan version 3.6.2 or later, released February 2025, which patches the permissive CORS configuration. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Audit all SiYuan installations across the organization and identify users running versions prior to 3.6.2; notify affected users to immediately discontinue use until patched. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
FortiOS and FortiProxy contain an authentication bypass via the Node.js websocket module allowing unauthenticated remote
Flowise version 3.0.5 contains a remote code execution vulnerability in the CustomMCP node. The mcpServerConfig paramete
Credential-harvesting malware compromised 84 versions of 42 TanStack npm packages on 2026-05-11 via chained GitHub Actio
Nest is a framework for building scalable Node.js server-side applications. Rated critical severity (CVSS 9.4), this vul
Remote unauthenticated attackers achieve full code execution on Paperclip AI orchestration servers (versions prior to 20
n8n workflow automation (through 1.121.2) allows authenticated users to execute arbitrary code via the n8n service, with
## Abstract Trend Micro's Zero Day Initiative has identified a vulnerability affecting FlowiseAI Flowise. ## Vulnerabi
n8n workflow automation (1.65.0 to 1.121.0) allows unauthenticated file access through form-based workflows. A critical
Remote code execution in NocoBase Workflow Script Node (npm @nocobase/plugin-workflow-javascript) allows authenticated l
enclave-vm JavaScript sandbox (before 2.7.0) has a critical sandbox escape. When a tool invocation fails, a host-side Er
NO_PROXY protection bypass in Axios HTTP client (versions 1.0.0-1.15.0 and ≤0.31.0) lets an attacker who controls a requ
Unauthenticated remote code execution in DbGate (npm package dbgate-serve, versions <= 7.1.8) lets remote attackers exec
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-17676
GHSA-68p4-j234-43mv