SiYuan Unauthorized Attribute View Deletion Vulnerability (CVE-2026-40259)
SiYuan versions 3.6.3 and below are vulnerable to unauthorized attribute view deletion via the /api/av/removeUnusedAttributeView endpoint, allowing authenticated users with publish-service RoleReader tokens to delete arbitrary attribute view definitions, leading to database view breakage and workspace rendering issues.
SiYuan, an open-source personal knowledge management system, is susceptible to an unauthorized attribute view deletion vulnerability. Specifically, versions 3.6.3 and earlier are affected by CVE-2026-40259. The vulnerability resides in the /api/av/removeUnusedAttributeView endpoint. This endpoint is inadequately protected, relying solely on generic authentication that accepts publish-service RoleReader tokens. An attacker with a valid RoleReader token can exploit this flaw to permanently delete arbitrary attribute view definitions, causing data corruption. This issue was resolved in SiYuan version 3.6.4, underscoring the importance of promptly updating to the latest version. The scope of targeting includes any SiYuan instance running a vulnerable version, potentially affecting any user relying on the system for knowledge management.
Attack Chain
- Attacker obtains a valid publish-service RoleReader token for a SiYuan instance running version 3.6.3 or below.
- Attacker identifies the
data-av-idvalue of a target attribute view from publicly exposed or accessible content within the SiYuan workspace. - Attacker crafts a malicious HTTP POST request to the
/api/av/removeUnusedAttributeViewendpoint, including the compromised RoleReader token for authentication. - The POST request contains the target
data-av-idvalue within the request body, specifically targeting a attribute view for deletion. - The SiYuan server, failing to properly validate the attacker's privileges and the attribute view's usage, passes the attacker-controlled
data-av-iddirectly to a model function. - The model function unconditionally deletes the corresponding attribute view file from the workspace's storage.
- Affected database views and the workspace rendering become broken or corrupted due to the missing attribute view definition.
- The attacker achieves their objective of disrupting the SiYuan instance by deleting arbitrary attribute view definitions, requiring manual restoration of the database and workspace.
Impact
Successful exploitation of CVE-2026-40259 can lead to the permanent deletion of arbitrary attribute view definitions within a SiYuan workspace. This results in broken database views and workspace rendering, requiring manual intervention to restore functionality. While the specific number of potential victims is unknown, any organization or individual utilizing SiYuan versions 3.6.3 and below is vulnerable. The impact includes data integrity issues, service disruption, and potential data loss if backups are not available.
Recommendation
- Immediately upgrade all SiYuan installations to version 3.6.4 or later to remediate CVE-2026-40259.
- Implement the Sigma rule "SiYuan Suspicious Attribute View Deletion" to detect potential exploitation attempts targeting the
/api/av/removeUnusedAttributeViewendpoint. - Monitor web server logs for POST requests to the
/api/av/removeUnusedAttributeViewendpoint with unusual or unexpecteddata-av-idvalues. - Review and restrict publish-service RoleReader token permissions to minimize the potential impact of compromised credentials.
Detection coverage 2
SiYuan Suspicious Attribute View Deletion
highDetects suspicious POST requests to the /api/av/removeUnusedAttributeView endpoint in SiYuan, indicating potential unauthorized attribute view deletion attempts.
SiYuan Suspicious Attribute View Deletion - Status Code
mediumDetects suspicious POST requests to the /api/av/removeUnusedAttributeView endpoint in SiYuan, indicating potential unauthorized attribute view deletion attempts that might result in a 500 error.
Detection queries are available on the platform. Get full rules →