Description
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the backend renderREADME function uses lute.New() without calling SetSanitize(true), allowing raw HTML embedded in Markdown to pass through unmodified. The frontend then assigns the rendered HTML to innerHTML without any additional sanitization. A malicious package author can embed arbitrary JavaScript in their README that executes when a user clicks to view the package details. Because SiYuan's Electron configuration enables nodeIntegration: true with contextIsolation: false, this XSS escalates directly to full Remote Code Execution. The issue was patched in version 3.6.1.
Published: 2026-03-20
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Apply Patch
AI Analysis

Impact

SiYuan renders the README of a package without sanitizing raw Markdown, so an embedded script can survive into the webpage. When a user opens the package details, the frontend assigns this unfiltered HTML to innerHTML. Because the Electron process runs with nodeIntegration enabled and contextIsolation disabled, any script executed in the renderer gains full Node API access, allowing the attacker to execute arbitrary system commands. This stored cross‑site scripting flaw therefore escalates directly to remote code execution, undermining the confidentiality, integrity, and availability of the host machine.

Affected Systems

The affected product is SiYuan by siyuan-note. All releases up to and including version 3.6.0 contain the vulnerability. The defect was addressed in version 3.6.1; users on that or later releases are no longer affected.

Risk and Exploitability

The Common Vulnerability Scoring System assigns a score of 5.3, indicating a moderate severity level. The Exploit Prediction Scoring System rates the likelihood of exploitation below 1 %, and the vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog. Exploitation requires an attacker to supply a package containing a malicious README; the attack plays out when the victim opens the package details. If the user views the crafted content, the script runs with full system privileges, giving the attacker complete control of the victim's machine. The practical risk is therefore contingent upon users installing or opening untrusted packages, but the potential impact is high when the condition is met.

Generated by OpenCVE AI on March 23, 2026 at 16:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update SiYuan to version 3.6.1 or later.

Generated by OpenCVE AI on March 23, 2026 at 16:53 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-4663-4mpg-879v SiYuan has Stored XSS to RCE via Unsanitized Bazaar README Rendering
History

Mon, 23 Mar 2026 15:45:00 +0000

Type Values Removed Values Added
First Time appeared B3log
B3log siyuan
CPEs cpe:2.3:a:b3log:siyuan:*:*:*:*:*:*:*:*
Vendors & Products B3log
B3log siyuan
Metrics cvssV3_1

{'score': 9.0, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H'}

Fri, 20 Mar 2026 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 20 Mar 2026 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Siyuan
Siyuan siyuan
Vendors & Products Siyuan
Siyuan siyuan

Fri, 20 Mar 2026 08:30:00 +0000

Type Values Removed Values Added
Description SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the backend renderREADME function uses lute.New() without calling SetSanitize(true), allowing raw HTML embedded in Markdown to pass through unmodified. The frontend then assigns the rendered HTML to innerHTML without any additional sanitization. A malicious package author can embed arbitrary JavaScript in their README that executes when a user clicks to view the package details. Because SiYuan's Electron configuration enables nodeIntegration: true with contextIsolation: false, this XSS escalates directly to full Remote Code Execution. The issue was patched in version 3.6.1.
Title SiYuan has Stored XSS to RCE via Unsanitized Bazaar README Rendering
Weaknesses CWE-79
References
Metrics cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N'}

Subscriptions

B3log Siyuan
Siyuan Siyuan
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-20T21:23:07.778Z

Reserved: 2026-03-17T19:27:06.343Z

Link: CVE-2026-33066

cve-icon Vulnrichment

Updated: 2026-03-20T21:23:02.521Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-20T09:16:14.697

Modified: 2026-03-23T15:31:10.727

Link: CVE-2026-33066

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-25T14:29:55Z

Weaknesses