{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/github.com/siyuan-note/siyuan/kernel--0.0.0-20260421031503-96dfe0bea474/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["github.com/siyuan-note/siyuan/kernel (\u003c= 0.0.0-20260421031503-96dfe0bea474)"],"_cs_severities":["critical"],"_cs_tags":["xss","rce","electron","siyuan"],"_cs_type":"threat","_cs_vendors":["GitHub"],"content_html":"\u003cp\u003eSiYuan\u0026rsquo;s Bazaar (community marketplace) renders the \u003ccode\u003ename\u003c/code\u003e and \u003ccode\u003eversion\u003c/code\u003e fields of a package\u0026rsquo;s \u003ccode\u003eplugin.json\u003c/code\u003e into the Settings → Marketplace UI without HTML escaping, leading to a stored XSS vulnerability. The kernel-side helper \u003ccode\u003esanitizePackageDisplayStrings\u003c/code\u003e in \u003ccode\u003ekernel/bazaar/package.go\u003c/code\u003e HTML-escapes only \u003ccode\u003eAuthor\u003c/code\u003e, \u003ccode\u003eDisplayName\u003c/code\u003e, and \u003ccode\u003eDescription\u003c/code\u003e — \u003ccode\u003eName\u003c/code\u003e and \u003ccode\u003eVersion\u003c/code\u003e flow through to the renderer raw. Because the desktop client is built on Electron with \u003ccode\u003enodeIntegration: true\u003c/code\u003e, \u003ccode\u003econtextIsolation: false\u003c/code\u003e, and \u003ccode\u003ewebSecurity: false\u003c/code\u003e, the resulting cross-site scripting executes in a renderer with full access to Node.js APIs, escalating directly to arbitrary OS command execution under the victim\u0026rsquo;s account. The trigger requires merely opening Settings → Marketplace → Downloaded → Plugins. This vulnerability affects SiYuan kernel versions up to and including \u003ccode\u003e0.0.0-20260421031503-96dfe0bea474\u003c/code\u003e.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker crafts a malicious plugin manifest (\u003ccode\u003eplugin.json\u003c/code\u003e) containing a payload in the \u003ccode\u003ename\u003c/code\u003e or \u003ccode\u003eversion\u003c/code\u003e fields, such as \u003ccode\u003e\u0026lt;img src=x onerror=\u0026quot;require('child_process').exec('...')\u0026quot;\u0026gt;\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe attacker submits the malicious plugin manifest to the SiYuan Bazaar marketplace, or places it in the local plugins directory.\u003c/li\u003e\n\u003cli\u003eThe SiYuan kernel retrieves and stores the plugin manifest without properly sanitizing the \u003ccode\u003ename\u003c/code\u003e and \u003ccode\u003eversion\u003c/code\u003e fields.\u003c/li\u003e\n\u003cli\u003eA user opens the SiYuan application and navigates to Settings → Marketplace → Downloaded → Plugins.\u003c/li\u003e\n\u003cli\u003eThe SiYuan frontend fetches the plugin metadata, including the unsanitized \u003ccode\u003ename\u003c/code\u003e and \u003ccode\u003eversion\u003c/code\u003e fields, from the backend.\u003c/li\u003e\n\u003cli\u003eThe frontend substitutes the \u003ccode\u003ename\u003c/code\u003e or \u003ccode\u003eversion\u003c/code\u003e fields into the HTML of the marketplace card list via \u003ccode\u003e${item.preferredName}\u003c/code\u003e, \u003ccode\u003e${data.name}\u003c/code\u003e, or \u003ccode\u003ev${data.version}\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe browser parses the malicious HTML, triggering the \u003ccode\u003eonerror\u003c/code\u003e event of the injected \u003ccode\u003e\u0026lt;img\u0026gt;\u003c/code\u003e tag.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eonerror\u003c/code\u003e handler executes \u003ccode\u003erequire('child_process').exec(...)\u003c/code\u003e, leading to arbitrary OS command execution under the user\u0026rsquo;s account.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation results in arbitrary OS command execution on the victim\u0026rsquo;s machine with the privileges of the user running the SiYuan application. This allows attackers to steal sensitive information, install malware, or perform other malicious actions. The vulnerability is triggered by simply viewing the marketplace listing, making it a zero-click exploit. The injected payload is visually undetectable due to the use of \u003ccode\u003edisplay:none\u003c/code\u003e style, making the attack stealthy. The Bazaar marketplace serves as a low-friction delivery channel.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect SiYuan Bazaar XSS via Malicious Plugin Name\u003c/code\u003e to detect exploitation attempts by monitoring for img tags with onerror attributes in bazaar package names.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect SiYuan Bazaar XSS via Malicious Plugin Version\u003c/code\u003e to detect exploitation attempts by monitoring for img tags with onerror attributes in bazaar package versions.\u003c/li\u003e\n\u003cli\u003eUpgrade to a patched version of SiYuan that includes proper HTML escaping of package metadata to address CVE-2026-45375.\u003c/li\u003e\n\u003cli\u003eImplement the suggested fix by extending the kernel allowlist in \u003ccode\u003ekernel/bazaar/package.go\u003c/code\u003e to escape the \u003ccode\u003eName\u003c/code\u003e, \u003ccode\u003eVersion\u003c/code\u003e, and \u003ccode\u003eKeywords\u003c/code\u003e fields.\u003c/li\u003e\n\u003cli\u003eApply the secondary fix by calling \u003ccode\u003esanitizePackageDisplayStrings\u003c/code\u003e from \u003ccode\u003ekernel/bazaar/bazaar.go:48\u003c/code\u003e to ensure consistent sanitization.\u003c/li\u003e\n\u003cli\u003eHarden the Electron renderer by enabling \u003ccode\u003econtextIsolation: true\u003c/code\u003e in \u003ccode\u003eapp/electron/main.js\u003c/code\u003e to limit the impact of future XSS vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-13T15:35:14Z","date_published":"2026-05-13T15:35:14Z","id":"https://feed.craftedsignal.io/briefs/2026-05-siyuan-bazaar-xss/","summary":"SiYuan's Bazaar marketplace is vulnerable to stored cross-site scripting (XSS) via unescaped package metadata, leading to arbitrary OS command execution in the desktop Electron client.","title":"SiYuan Bazaar Marketplace Stored XSS Leads to Electron RCE","url":"https://feed.craftedsignal.io/briefs/2026-05-siyuan-bazaar-xss/"}],"language":"en","title":"CraftedSignal Threat Feed — Github.com/Siyuan-Note/Siyuan/Kernel (\u003c= 0.0.0-20260421031503-96dfe0bea474)","version":"https://jsonfeed.org/version/1.1"}