Description
SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and below, the /api/av/removeUnusedAttributeView endpoint is protected only by generic authentication that accepts publish-service RoleReader tokens. The handler passes a caller-controlled id directly to a model function that unconditionally deletes the corresponding attribute view file from the workspace without verifying that the caller has write privileges or that the target attribute view is actually unused. An authenticated publish-service reader can permanently delete arbitrary attribute view definitions by extracting publicly exposed data-av-id values from published content, causing breakage of database views and workspace rendering until manually restored. This issue has been fixed in version 3.6.4.
Published: 2026-04-16
Score: 8.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Authentication Bypass with Unauthorized Deletion of Attribute View Files
Action: Immediate Upgrade
AI Analysis

Impact

The vulnerability is a lack of proper authorization checks for the /api/av/removeUnusedAttributeView endpoint. An attacker who can obtain a publish-service RoleReader token can send a request containing a valid attribute view ID. The endpoint blindly passes that ID to the deletion routine, removing the attribute view file from the workspace. The result is irreversible loss of view definitions, causing workspace rendering failures until manually restored. This results in a loss of integrity and availability of the affected content.

Affected Systems

Siyuan Note's open-source personal knowledge management system. Versions 3.6.3 and earlier are vulnerable. The issue has been addressed in release 3.6.4.

Risk and Exploitability

The CVSS base score of 8.1 indicates high severity. No EPSS value is available, so the likelihood of exploitation cannot be quantified. The vendor has not listed this vulnerability in CISA's KEV catalog. Because the endpoint accepts any authenticated publish reader token, the attack operates over the network from any system that can issue the API call. An attacker only needs to supply a known attribute view ID, which can be discovered from published content. Once exploited, the deletion causes immediate breakage, and the restoration requires manual intervention. The lack of proper privilege checks is the root of the problem.

Generated by OpenCVE AI on April 17, 2026 at 02:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Siyuan to version 3.6.4 or later to install the fixed code that enforces proper authorization checks.
  • Restrict publish-service reader tokens so they cannot invoke write-related APIs such as removeUnusedAttributeView.
  • Audit API permissions on your system to ensure that only authorized users have access to destructive endpoints and consider adding IP-based access controls.

Generated by OpenCVE AI on April 17, 2026 at 02:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-7m5h-w69j-qggg SiYuan: Publish Reader Can Arbitrarily Delete Attribute View Files via `/api/av/removeUnusedAttributeView`
History

Fri, 17 Apr 2026 08:15:00 +0000

Type Values Removed Values Added
First Time appeared Siyuan
Siyuan siyuan
Vendors & Products Siyuan
Siyuan siyuan

Thu, 16 Apr 2026 23:15:00 +0000

Type Values Removed Values Added
Description SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and below, the /api/av/removeUnusedAttributeView endpoint is protected only by generic authentication that accepts publish-service RoleReader tokens. The handler passes a caller-controlled id directly to a model function that unconditionally deletes the corresponding attribute view file from the workspace without verifying that the caller has write privileges or that the target attribute view is actually unused. An authenticated publish-service reader can permanently delete arbitrary attribute view definitions by extracting publicly exposed data-av-id values from published content, causing breakage of database views and workspace rendering until manually restored. This issue has been fixed in version 3.6.4.
Title SiYuan: Publish Reader Can Arbitrarily Delete Attribute View Files via removeUnusedAttributeView API
Weaknesses CWE-285
References
Metrics cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H'}

Subscriptions

Siyuan Siyuan
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-16T22:50:20.441Z

Reserved: 2026-04-10T17:31:45.787Z

Link: CVE-2026-40259

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Undergoing Analysis

Published: 2026-04-16T23:16:33.430

Modified: 2026-04-17T15:38:09.243

Link: CVE-2026-40259

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-17T08:00:10Z

Weaknesses