{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-44670/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["siyuan-note/siyuan/kernel"],"_cs_severities":["critical"],"_cs_tags":["xss","rce","siyuan","cve-2026-44670"],"_cs_type":"advisory","_cs_vendors":["GitHub"],"content_html":"\u003cp\u003eSiYuan is vulnerable to a stored cross-site scripting (XSS) vulnerability (CVE-2026-44670) due to improper handling of Attribute View (AV) names. The application\u0026rsquo;s kernel stores AV names without HTML escaping, and a rendering template uses raw string replacement to embed the name in HTML before pushing it to clients via WebSocket. Multiple client paths then insert this value into the DOM without escaping, so any HTML in the name is injected as markup. The main BrowserWindow runs with \u003ccode\u003enodeIntegration:true\u003c/code\u003e, \u003ccode\u003econtextIsolation:false\u003c/code\u003e, and \u003ccode\u003ewebSecurity:false\u003c/code\u003e, so script injected into the renderer has direct access to Node.js APIs and the HTML injection becomes code execution on the host. 
This vulnerability affects SiYuan versions up to and including 3.6.5. Because the AV name is ordinary workspace data, any channel that can write to the workspace can deliver the payload: browser extensions, shared \u003ccode\u003e.sy.zip\u003c/code\u003e files, Bazaar templates, and sync replication from a compromised device.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker crafts a malicious Attribute View (AV) name containing a JavaScript payload, such as \u003ccode\u003e\u0026lt;img src=x onerror=\u0026quot;require('child_process').exec(process.platform==='win32'?'calc.exe':process.platform==='darwin'?'open -a Calculator':'xcalc')\u0026quot;\u0026gt;\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe attacker uses the SiYuan UI or the \u003ccode\u003e/api/transactions\u003c/code\u003e API endpoint with the \u003ccode\u003esetAttrViewName\u003c/code\u003e action to set the crafted AV name.\u003c/li\u003e\n\u003cli\u003eThe kernel stores the malicious AV name without HTML escaping in the \u003ccode\u003edata/storage/av/\u0026lt;id\u0026gt;.json\u003c/code\u003e file.\u003c/li\u003e\n\u003cli\u003eWhen a user opens a document bound to the malicious AV, the AV name is read from storage and rendered into the user interface, either through a WebSocket update or directly during document load.\u003c/li\u003e\n\u003cli\u003eThe vulnerable code paths at \u003ccode\u003eapp/src/protyle/render/av/render.ts:120\u003c/code\u003e, \u003ccode\u003eapp/src/protyle/header/Title.ts:396-403\u003c/code\u003e, or \u003ccode\u003eapp/src/protyle/wysiwyg/transaction.ts:549-562,659\u003c/code\u003e inject the unescaped AV name into the DOM.\u003c/li\u003e\n\u003cli\u003eThe renderer executes the injected JavaScript. Because \u003ccode\u003enodeIntegration\u003c/code\u003e is enabled and \u003ccode\u003econtextIsolation\u003c/code\u003e is disabled, that script can call Node.js APIs such as \u003ccode\u003erequire('child_process')\u003c/code\u003e directly from the page context, and with \u003ccode\u003ewebSecurity\u003c/code\u003e disabled no same-origin restriction stands in the way.\u003c/li\u003e\n\u003cli\u003eThe payload executes arbitrary commands on the victim\u0026rsquo;s machine. 
For example, it launches the calculator application using \u003ccode\u003erequire('child_process').exec()\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe attacker achieves remote code execution (RCE) on the victim\u0026rsquo;s machine with the user\u0026rsquo;s privileges.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation yields remote code execution (RCE) on the victim\u0026rsquo;s desktop with the privileges of the SiYuan user. The payload is stored workspace data, so it survives restarts and is replicated to every device that syncs the workspace; each of those devices executes it again when the bound document is opened. The vulnerability affects all user roles (Administrator, Editor, Reader, and publish-service Visitor). With code running as the user, an attacker can read the entire filesystem, establish persistence, and pivot to the user\u0026rsquo;s cloud accounts. Delivery vectors include browser extensions, shared \u003ccode\u003e.sy.zip\u003c/code\u003e files, Bazaar templates, sync peers, and co-authors on a shared workspace.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply the suggested fixes from the advisory to mitigate the vulnerability in the SiYuan kernel. 
Specifically, use \u003ccode\u003etemplate.HTMLEscapeString(nodeAvName)\u003c/code\u003e for the \u003ccode\u003e${avName}\u003c/code\u003e substitution in \u003ccode\u003ekernel/model/attribute_view.go\u003c/code\u003e, so the name is escaped before it is ever embedded in markup.\u003c/li\u003e\n\u003cli\u003eEscape the \u003ccode\u003eav-names\u003c/code\u003e value with \u003ccode\u003eLute.EscapeHTMLStr\u003c/code\u003e in \u003ccode\u003etransaction.ts:559\u003c/code\u003e to prevent HTML injection via WebSocket updates.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003eLute.EscapeHTMLStr(data.name)\u003c/code\u003e for both the \u003ccode\u003edata-title=\u003c/code\u003e attribute and the text content in \u003ccode\u003erender.ts:120\u003c/code\u003e to prevent HTML injection during AV rendering.\u003c/li\u003e\n\u003cli\u003eEscape \u003ccode\u003eitem.name\u003c/code\u003e via \u003ccode\u003eLute.EscapeHTMLStr\u003c/code\u003e and \u003ccode\u003eitem.id\u003c/code\u003e via \u003ccode\u003eescapeAttr\u003c/code\u003e in \u003ccode\u003eTitle.ts:396\u003c/code\u003e during document title rendering.\u003c/li\u003e\n\u003cli\u003eEscaping on output does not remove payloads that are already stored. After upgrading, review \u003ccode\u003edata/storage/av/*.json\u003c/code\u003e on every synced device for AV names containing \u003ccode\u003e\u0026lt;\u003c/code\u003e or an \u003ccode\u003eon*=\u003c/code\u003e handler: a patched client renders them as literal text, but an unpatched peer that syncs the same workspace will still execute them.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect SiYuan XSS via Attribute View Name\u0026rdquo; to detect exploitation attempts by monitoring for the \u003ccode\u003esetAttrViewName\u003c/code\u003e action with suspicious HTML payloads.\u003c/li\u003e\n\u003cli\u003eAs a defense-in-depth measure, switch the main BrowserWindow to \u003ccode\u003econtextIsolation: true\u003c/code\u003e with a preload bridge, and where the application can tolerate it set \u003ccode\u003enodeIntegration: false\u003c/code\u003e and \u003ccode\u003ewebSecurity: true\u003c/code\u003e, so that a future renderer XSS is confined to the page rather than reaching Node.js.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-09T12:00:00Z","date_published":"2026-05-09T12:00:00Z","id":"/briefs/2026-05-siyuan-xss-rce/","summary":"A stored cross-site scripting (XSS) vulnerability exists in SiYuan because the kernel stores Attribute View (AV) names without HTML escaping, allowing a malicious actor to inject arbitrary HTML; the insecure Electron configuration turns that HTML injection into Node.js code execution, resulting 
in remote code execution (RCE).","title":"SiYuan Stored XSS via Attribute View Name Leads to Electron Renderer RCE (CVE-2026-44670)","url":"https://feed.craftedsignal.io/briefs/2026-05-siyuan-xss-rce/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-44670","version":"https://jsonfeed.org/version/1.1"}
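The following Go program is an added illustration of the brief's attack chain and its recommendations; it is not code from the advisory or from the SiYuan project. It shows the kernel-side flaw the brief describes (raw string replacement of a `${avName}` placeholder) next to the suggested `template.HTMLEscapeString` fix, and a detection check of the kind the Sigma rule performs over `/api/transactions` bodies. The template string, the request-body field names (`transactions`, `doOperations`, `action`, `id`, `data`) and the sample request are assumptions constructed for the example, not taken from the page.

```go
package main

import (
	"encoding/json"
	"fmt"
	"html/template"
	"regexp"
	"strings"
)

// Hypothetical stand-in for the kernel's HTML template. The real template in
// kernel/model/attribute_view.go is not reproduced here; only the ${avName}
// placeholder named in the advisory is kept.
const avHeaderTemplate = `<div class="av__title" data-title="${avName}">${avName}</div>`

// renderAVNameUnsafe reproduces the flawed pattern the advisory describes:
// raw string replacement of the placeholder with the stored AV name.
func renderAVNameUnsafe(avName string) string {
	return strings.ReplaceAll(avHeaderTemplate, "${avName}", avName)
}

// renderAVNameEscaped applies the suggested kernel fix: escape with
// template.HTMLEscapeString before substitution, so <, >, &, " and ' can
// neither open a tag nor break out of the data-title attribute.
func renderAVNameEscaped(avName string) string {
	return strings.ReplaceAll(avHeaderTemplate, "${avName}", template.HTMLEscapeString(avName))
}

// tagCount counts tag openers. A header produced from avHeaderTemplate should
// carry exactly the two the template itself contributes (<div and </div).
func tagCount(html string) int {
	return strings.Count(html, "<")
}

// suspiciousHTML matches what a stored-XSS payload needs: a tag opener, an
// inline event handler, or a javascript: URL.
var suspiciousHTML = regexp.MustCompile(`(?i)<\s*/?[a-z!]|\bon[a-z]+\s*=|javascript:`)

// transactionsRequest is an assumed shape for a /api/transactions body: a list
// of transactions, each with doOperations carrying action/id/data. The field
// names are an assumption for this example, not taken from the advisory.
type transactionsRequest struct {
	Transactions []struct {
		DoOperations []struct {
			Action string `json:"action"`
			ID     string `json:"id"`
			Data   string `json:"data"`
		} `json:"doOperations"`
	} `json:"transactions"`
}

// findSuspiciousAVNames inspects a request body the way a log-based detection
// would: every setAttrViewName operation whose data looks like HTML is
// reported as "avID: name".
func findSuspiciousAVNames(body []byte) ([]string, error) {
	var req transactionsRequest
	if err := json.Unmarshal(body, &req); err != nil {
		return nil, err
	}
	var hits []string
	for _, tx := range req.Transactions {
		for _, op := range tx.DoOperations {
			if op.Action == "setAttrViewName" && suspiciousHTML.MatchString(op.Data) {
				hits = append(hits, op.ID+": "+op.Data)
			}
		}
	}
	return hits, nil
}

// Constructed sample request: one benign rename and one carrying a calculator
// payload of the form the advisory shows.
const sampleRequest = `{"transactions":[{"doOperations":[
 {"action":"setAttrViewName","id":"20240101000000-aaaaaaa","data":"Quarterly tasks"},
 {"action":"setAttrViewName","id":"20240101000000-bbbbbbb","data":"<img src=x onerror=\"require('child_process').exec('xcalc')\">"}
]}]}`

func main() {
	evil := `<img src=x onerror="require('child_process').exec('xcalc')">`
	fmt.Println("unsafe: ", renderAVNameUnsafe(evil), "tags:", tagCount(renderAVNameUnsafe(evil)))
	fmt.Println("escaped:", renderAVNameEscaped(evil), "tags:", tagCount(renderAVNameEscaped(evil)))
	hits, err := findSuspiciousAVNames([]byte(sampleRequest))
	if err != nil {
		panic(err)
	}
	for _, h := range hits {
		fmt.Println("suspicious setAttrViewName:", h)
	}
}
```

The unsafe render emits the `<img>` twice (once inside `data-title`, once as text), which is exactly the double exposure the brief's client-side fixes address by escaping both the attribute and the text content. The detection regex is deliberately broad; on real traffic it should be tuned against legitimate AV names, but a name that carries a tag opener or an `on*=` handler has no benign reason to exist.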