Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Unauthenticated single-request file read over the network (AV:N/AC:L/PR:N/UI:N) on the publish endpoint, leaking sensitive secrets (C:H) with no write or availability impact (I:N/A:N).
Primary rating from Vendor (GitHub_M).
CVSS Vector (Vendor: GitHub_M)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Description (CVE.org)
SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the patch for CVE-2026-41894 ("Path Traversal via Double URL Encoding") sanitized the /export/ route but the identical root cause remains in the /assets/*path route. In publish mode (anonymous read-only HTTP endpoint, default port 6808), an unauthenticated remote attacker can read arbitrary files inside WorkspaceDir - including conf/conf.json (which contains the AccessAuthCode SHA256 hash, API token, and sync keys), temp/siyuan.db, temp/blocktree.db, and siyuan.log - by double-URL-encoding .. segments. This vulnerability is fixed in 3.7.0.
Analysis (AI)
Arbitrary file disclosure in SiYuan personal knowledge management system before 3.7.0 lets an unauthenticated remote attacker read any file inside the workspace directory through its publish-mode HTTP endpoint (default port 6808). The flaw is an incomplete fix for CVE-2026-41894: the earlier patch sanitized the /export/ route but left the identical double-URL-encoding path traversal in the /assets/*path route, exposing conf/conf.json (AccessAuthCode SHA256 hash, API token, sync keys), the temp SQLite databases, and siyuan.log. …
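The root cause described above is a check that runs before the request path has been fully decoded, so a `..` hidden behind two layers of percent-encoding passes the check and only turns into `..` afterwards. As an added example (not SiYuan's code and not taken from the advisory), the Go program below places that validate-before-decode pattern next to a resolver that decodes to a fixpoint first, normalizes, and then verifies containment inside the served root. The function names, the workspace root `/ws/data/assets` and the request strings are constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"path"
	"path/filepath"
	"strings"
)

// ErrTraversal is returned when a requested path would leave the served root.
var ErrTraversal = errors.New("path escapes served root")

// decodeFully percent-decodes until the string stops changing, so a double-
// encoded segment such as %252e%252e is seen as ".." before any check runs.
// maxRounds bounds the loop; input still changing after that is rejected.
func decodeFully(s string, maxRounds int) (string, error) {
	for i := 0; i < maxRounds; i++ {
		d, err := url.PathUnescape(s)
		if err != nil {
			return "", err // malformed escape such as a lone "%"
		}
		if d == s {
			return d, nil
		}
		s = d
	}
	return "", errors.New("too many encoding layers")
}

// naiveResolve is a constructed illustration of the validate-before-decode
// pattern behind this bug class (not SiYuan's code): the ".." check runs on
// the raw request string, and two decode steps happen afterwards (think: one
// by the router, one by the handler), so an encoded ".." survives the check.
func naiveResolve(root, requested string) (string, error) {
	if strings.Contains(requested, "..") {
		return "", ErrTraversal
	}
	once, err := url.PathUnescape(requested)
	if err != nil {
		return "", err
	}
	twice, err := url.PathUnescape(once)
	if err != nil {
		return "", err
	}
	return filepath.Join(root, filepath.FromSlash(twice)), nil
}

// safeResolve decodes to a fixpoint first, normalizes, rejects anything that
// is absolute or starts with "..", then re-checks containment with
// filepath.Rel as a second, independent guard.
func safeResolve(root, requested string) (string, error) {
	decoded, err := decodeFully(requested, 3)
	if err != nil {
		return "", err
	}
	if strings.ContainsRune(decoded, 0) {
		return "", errors.New("NUL byte in path")
	}
	// Treat backslashes as separators so a Windows-style "..\" is normalized too.
	clean := path.Clean(strings.ReplaceAll(decoded, `\`, "/"))
	if path.IsAbs(clean) || clean == ".." || strings.HasPrefix(clean, "../") {
		return "", ErrTraversal
	}
	full := filepath.Join(root, filepath.FromSlash(clean))
	rel, err := filepath.Rel(filepath.Clean(root), full)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrTraversal
	}
	return full, nil
}

func main() {
	// Constructed workspace root and requests; no real files are touched.
	root := "/ws/data/assets"
	for _, req := range []string{
		"img/cat%20photo.png",                  // legitimate, single-encoded space
		"%252e%252e/%252e%252e/conf/conf.json", // double-encoded ".." segments
	} {
		p, err := naiveResolve(root, req)
		fmt.Printf("naive %-40s -> %q err=%v\n", req, p, err)
		p, err = safeResolve(root, req)
		fmt.Printf("safe  %-40s -> %q err=%v\n", req, p, err)
	}
}
```

The fixpoint decode is what makes the difference: once decoding is bounded and complete, the containment check sees the same string the file system will see, and a request that needs more than a couple of encoding layers is refused outright rather than guessed at. The same resolver can be reused for any static-file route, which is the point the advisory makes about fixing one route while leaving an identical one behind.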
Attack Chain (AI-derived): hypothetical attack flow derived from CVE metadata (visualization not reproduced here).
Vulnerability Assessment (AI)

| Area | Assessment |
|---|---|
| Exploitation | Exploitation requires the target SiYuan instance to be running in publish mode - the anonymous read-only HTTP endpoint served by default on port 6808 - and that port to be reachable by the attacker. … |
| Risk Assessment | The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N, base 7.5) accurately reflects a network-reachable, low-complexity, unauthenticated read of high-value data with no integrity or availability impact - consistent with the description. … |
| Exploit Scenario | An attacker locates an internet-exposed SiYuan instance running in publish mode on port 6808 and issues a single crafted HTTP GET to the /assets/ route with double-URL-encoded '..' segments to traverse out of the assets directory. They retrieve conf/conf.json to harvest the AccessAuthCode SHA256 hash, API token, and sync keys, then use those credentials and the leaked databases to escalate access. … |
| Remediation | Vendor-released patch: upgrade SiYuan to version 3.7.0 or later, which fixes the double-URL-encoding path traversal in the /assets/*path route; see the advisory at https://github.com/siyuan-note/siyuan/security/advisories/GHSA-p4m3-mgmm-c664. … |
Recommended Action (AI)
Within 24 hours: Inventory all SiYuan deployments pre-3.7.0 with publish-mode enabled on port 6808; immediately restrict network access to that port via firewall or disable the endpoint if not required operationally. …
Weakness: CWE-22 – Path Traversal
EUVD ID: EUVD-2026-39122