Description
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the /api/lute/html2BlockDOM on the desktop copies local files pointed to by file:// links in pasted HTML into the workspace assets directory without validating paths against a sensitive-path list. Together with GET /assets/*path, which only requires authentication, a publish-service visitor can cause the desktop kernel to copy any readable sensitive file and then read it via GET, leading to exfiltration of sensitive files. This issue has been fixed in version 3.6.1.
Published: 2026-03-20
Score: 9.9 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary File Read
Action: Immediate Patch
AI Analysis

Impact

The flaw lets a user that can invoke the desktop publish service copy any locally readable file referenced by a file:// link in pasted HTML into the workspace assets directory without path validation, and subsequently read that file via the exposed asset URL. This results in unauthorized disclosure of sensitive data that may include credentials, configuration files, or other confidential information.

Affected Systems

SiYuan, the personal knowledge‑management system, desktop edition, is affected in versions 3.6.0 and earlier. The vulnerability is triggered when the /api/lute/html2BlockDOM endpoint processes pasted HTML containing file:// links, and the GET /assets/* path is then used to retrieve the copied file. The issue was fixed in release 3.6.1 and later.

Risk and Exploitability

The CVSS score of 9.9 places the vulnerability in the critical range, while the EPSS score below 1% indicates a current low probability of exploitation. The weakness is not listed in CISA’s KEV catalog. An attacker must be able to send a request to the publish service, which generally requires at least an authenticated user role. Once this requirement is met, the attacker can read any file that the SiYuan process can read, leading to significant confidentiality loss without additional privilege escalation.

Generated by OpenCVE AI on March 23, 2026 at 19:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade SiYuan to version 3.6.1 or later to eliminate the vulnerability.
  • Disallow or sanitize file:// references in pasted HTML within the publish service to prevent file copying.
  • Restrict access to the /assets/* endpoint so that only authorized users can view assets, and consider revoking public read access.
  • Monitor application logs for unexpected asset read activity and anomalous file access patterns.

Generated by OpenCVE AI on March 23, 2026 at 19:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-fq2j-j8hc-8vw8 SiYuan Vulnerable to Arbitrary File Read in Desktop Publish Service
History

Mon, 23 Mar 2026 18:30:00 +0000

Type Values Removed Values Added
First Time appeared B3log
B3log siyuan
CPEs cpe:2.3:a:b3log:siyuan:*:*:*:*:*:*:*:*
Vendors & Products B3log
B3log siyuan

Fri, 20 Mar 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 20 Mar 2026 09:00:00 +0000

Type Values Removed Values Added
First Time appeared Siyuan
Siyuan siyuan
Vendors & Products Siyuan
Siyuan siyuan

Fri, 20 Mar 2026 04:15:00 +0000

Type Values Removed Values Added
Description SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the /api/lute/html2BlockDOM on the desktop copies local files pointed to by file:// links in pasted HTML into the workspace assets directory without validating paths against a sensitive-path list. Together with GET /assets/*path, which only requires authentication, a publish-service visitor can cause the desktop kernel to copy any readable sensitive file and then read it via GET, leading to exfiltration of sensitive files. This issue has been fixed in version 3.6.1.
Title SiYuan has an Arbitrary File Read in its Desktop Publish Service
Weaknesses CWE-200
CWE-22
CWE-284
References
Metrics cvssV3_1

{'score': 9.9, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:H'}

Subscriptions

B3log Siyuan
Siyuan Siyuan
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-20T15:47:02.647Z

Reserved: 2026-03-17T00:05:53.282Z

Link: CVE-2026-32938

cve-icon Vulnrichment

Updated: 2026-03-20T15:46:57.715Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-20T04:16:48.950

Modified: 2026-03-23T18:21:08.847

Link: CVE-2026-32938

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-25T14:09:30Z

Weaknesses