Description
SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the tooltip mouseover handler in app/src/block/popover.ts reads aria-label via getAttribute and passes it through decodeURIComponent before assigning to messageElement.innerHTML in app/src/dialog/tooltip.ts:41. The encoder used at the producer side, escapeAriaLabel in app/src/util/escape.ts:19-25, only handles HTML special characters (", ', <, literal &lt;); it leaves %XX URL-escapes untouched. So a doc title containing %3Cimg src=x onerror=...%3E round-trips through escapeAriaLabel and the HTML attribute layer unmodified. Then decodeURIComponent on the consumer side converts %3C to a literal < character (a real <, NOT a character reference). When that string is assigned to innerHTML, the HTML5 tokenizer enters TagOpenState on the literal <, parses the <img> element, and the onerror handler fires. Because the renderer runs with nodeIntegration: true, contextIsolation: false, webSecurity: false (app/electron/main.js:407-411), require('child_process') is reachable from the injected handler, escalating to arbitrary code execution. This vulnerability is fixed in 3.7.0.
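The round trip described above, as an added example in JavaScript that is not SiYuan's code: the escapeAriaLabel stand-in mirrors only the behaviour the advisory describes (HTML specials escaped, %XX left alone), the attribute layer is assumed to be setAttribute/getAttribute (which store and return the string verbatim), and the hardened consumer is one possible fix written for this example, not the change shipped in 3.7.0. It also covers the edge case the vulnerable consumer ignores: decodeURIComponent throws on malformed percent-sequences.

```javascript
// Added example, not SiYuan's code. Models the producer -> attribute ->
// consumer pipeline the advisory describes so the bypass is visible on
// plain strings, with no DOM required.

// Producer side (stand-in for app/src/util/escape.ts escapeAriaLabel):
// escapes ", ', < and a literal "&lt;" sequence, nothing else. The real
// function may differ in detail; the point is that '%' is untouched.
function escapeAriaLabel(title) {
  return title
    .replace(/&lt;/g, "&amp;lt;")
    .replace(/</g, "&lt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Assumption: the attribute is written with setAttribute and read back with
// getAttribute, so the attribute layer neither decodes nor re-encodes.
function attributeRoundTrip(value) {
  return value;
}

// Consumer side as described (popover.ts -> tooltip.ts:41): URL-decode the
// attribute and hand the result to innerHTML. Returns the string that would
// reach innerHTML. Throws URIError on malformed input such as "100%".
function renderTooltipVulnerable(ariaLabel) {
  return decodeURIComponent(ariaLabel);
}

// Generic HTML escaper applied immediately before the sink.
function escapeHtml(s) {
  return s
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Hardened consumer (example fix): decode first, escape last, so no decode
// step can run after the escape and reintroduce a literal '<'. Malformed
// percent-sequences fall back to the raw value instead of throwing.
function renderTooltipHardened(ariaLabel) {
  let decoded;
  try {
    decoded = decodeURIComponent(ariaLabel);
  } catch (e) {
    decoded = ariaLabel;
  }
  return escapeHtml(decoded);
}

// Would the HTML tokenizer leave the data state on this string? TagOpenState
// is entered for '<' followed by a letter, '/', '!' or '?'.
function opensTag(html) {
  return /<[A-Za-z\/!?]/.test(html);
}

// Walk one title through both pipelines and report what reaches the sink.
function simulate(title) {
  const attr = attributeRoundTrip(escapeAriaLabel(title));
  const vulnerableHtml = renderTooltipVulnerable(attr);
  const hardenedHtml = renderTooltipHardened(attr);
  return {
    attr,
    vulnerableHtml,
    hardenedHtml,
    vulnerableOpensTag: opensTag(vulnerableHtml),
    hardenedOpensTag: opensTag(hardenedHtml),
  };
}

// Constructed sample titles: the advisory's payload shape, and a plain '<'
// that the producer-side escape does handle.
const PAYLOAD_TITLE = "%3Cimg src=x onerror=alert(1)%3E";
const PLAIN_TITLE = "<b>not a tag</b>";

console.log(JSON.stringify(simulate(PAYLOAD_TITLE), null, 2));
console.log(JSON.stringify(simulate(PLAIN_TITLE), null, 2));
```

Running this shows why the producer-side escape looked sufficient: a title with a literal `<` comes out as `&lt;` and never opens a tag, while the percent-encoded title passes escapeAriaLabel byte-for-byte and becomes a real `<img>` only after decodeURIComponent. Once the consumer escapes at the sink, the producer-side escape becomes redundant and would double-escape titles containing `<`; in a real fix the two layers should be reconciled (or the tooltip should be written through textContent rather than innerHTML).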
Published: 2026-05-14
Score: 9.4 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A crafted document title containing a URL-encoded <img> element passes through the app's escapeAriaLabel routine unchanged, is decoded into a literal '<' by decodeURIComponent on the client side, and is injected into the tooltip's innerHTML, where the onerror handler runs. Because the Electron renderer is configured with nodeIntegration: true, contextIsolation: false and webSecurity: false, the injected handler can require('child_process') and run arbitrary commands on the user's machine. The vulnerability is therefore a client-side XSS that escalates to arbitrary code execution on the host.

Affected Systems

The affected product is SiYuan, the open-source personal knowledge management system. Versions prior to 3.7.0 are vulnerable; the issue was fixed in the 3.7.0 release.

Risk and Exploitability

With a CVSS 4.0 score of 9.4, the flaw is rated critical. The EPSS estimate is below 1%, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires user interaction: the victim must open a document whose title carries the payload and hover over it so the tooltip is rendered, after which the injected handler runs with Node access. Given the severity and the ability to execute arbitrary code, the risk remains significant until the patch is applied.

Generated by OpenCVE AI on May 14, 2026 at 20:39 UTC.

Remediation

Vendor fix: SiYuan 3.7.0 contains the fix (see advisory GHSA-25rp-h46x-2hjm). No workaround other than upgrading is listed.

OpenCVE Recommended Actions

  • Upgrade to SiYuan 3.7.0 or later, which contains the fix for the tooltip XSS.
  • For maintainers and anyone building the app: configure the Electron renderer with nodeIntegration: false, contextIsolation: true and webSecurity: true, so that a script injected into the page cannot reach Node APIs such as child_process.
  • Until upgraded, avoid opening untrusted documents in SiYuan. Document titles reach the tooltip sink, so any source of untrusted titles should be treated as attack surface and sanitized before rendering.
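The weak and hardened renderer settings from the second recommendation, side by side, as an added example that is not SiYuan's code. The weak object reproduces the three values the advisory quotes from app/electron/main.js; the hardened object is the conventional Electron baseline, and the sandbox flag and the default table (Electron 20 and later) are this example's assumptions. auditWebPreferences is a constructed check that reports which settings would let an injected script reach Node.

```javascript
// Added example, not SiYuan's code. Plain objects stand in for the
// webPreferences block passed to new BrowserWindow(...), so this runs
// without Electron installed.

// As quoted by the advisory from app/electron/main.js:407-411.
const WEAK_WEB_PREFERENCES = {
  nodeIntegration: true,
  contextIsolation: false,
  webSecurity: false,
};

// Conventional hardened baseline. sandbox: true is this example's addition
// (assumes the renderer needs no direct Node access and that privileged
// operations are exposed through a preload script over IPC instead).
const HARDENED_WEB_PREFERENCES = {
  nodeIntegration: false,
  contextIsolation: true,
  webSecurity: true,
  sandbox: true,
};

// Assumed defaults for Electron 20 and later, used when a key is absent.
const ELECTRON_DEFAULTS = {
  nodeIntegration: false,
  contextIsolation: true,
  webSecurity: true,
  sandbox: true,
};

// Returns one finding per setting that would let page-level script (for
// example an injected onerror handler) escalate beyond the renderer.
function auditWebPreferences(prefs) {
  const effective = { ...ELECTRON_DEFAULTS, ...prefs };
  const findings = [];
  if (effective.nodeIntegration) {
    findings.push("nodeIntegration: true; require() and process are reachable from page script");
  }
  if (!effective.contextIsolation) {
    findings.push("contextIsolation: false; page script shares a JS world with the preload script and Electron internals");
  }
  if (!effective.webSecurity) {
    findings.push("webSecurity: false; same-origin policy is disabled for the renderer");
  }
  if (!effective.sandbox) {
    findings.push("sandbox: false; renderer process runs without the OS sandbox");
  }
  return findings;
}

console.log("weak:", auditWebPreferences(WEAK_WEB_PREFERENCES));
console.log("hardened:", auditWebPreferences(HARDENED_WEB_PREFERENCES));
```

Note that the weak block yields three findings, not four, because sandbox is left unset and falls back to the assumed default; an audit that does not merge defaults would miss settings a project never wrote down.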


Advisories
Source | ID | Title
GitHub GHSA | GHSA-25rp-h46x-2hjm | SiYuan: Electron Renderer RCE via decodeURIComponent-driven tooltip XSS in aria-label sink (incomplete fix for CVE-2026-34585)
History

Fri, 15 May 2026 15:15:00 +0000

Type | Values Removed | Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 14 May 2026 19:00:00 +0000

Type | Values Removed | Values Added
Description SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the tooltip mouseover handler in app/src/block/popover.ts reads aria-label via getAttribute and passes it through decodeURIComponent before assigning to messageElement.innerHTML in app/src/dialog/tooltip.ts:41. The encoder used at the producer side, escapeAriaLabel in app/src/util/escape.ts:19-25, only handles HTML special characters (", ', <, literal &lt;); it leaves %XX URL-escapes untouched. So a doc title containing %3Cimg src=x onerror=...%3E round-trips through escapeAriaLabel and the HTML attribute layer unmodified. Then decodeURIComponent on the consumer side converts %3C to a literal < character (a real <, NOT a character reference). When that string is assigned to innerHTML, the HTML5 tokenizer enters TagOpenState on the literal <, parses the <img> element, and the onerror handler fires. Because the renderer runs with nodeIntegration: true, contextIsolation: false, webSecurity: false (app/electron/main.js:407-411), require('child_process') is reachable from the injected handler, escalating to arbitrary code execution. This vulnerability is fixed in 3.7.0.
Title SiYuan: URL-encoded title bypasses `escapeAriaLabel`, decoded by `decodeURIComponent` into a tooltip-XSS
Weaknesses CWE-116
CWE-1188
CWE-79
References
Metrics cvssV4_0

{'score': 9.4, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H'}



MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-15T14:12:05.382Z

Reserved: 2026-05-06T21:49:12.425Z

Link: CVE-2026-44588

Vulnrichment

Updated: 2026-05-15T14:11:57.743Z

NVD

Status : Deferred

Published: 2026-05-14T19:16:37.867

Modified: 2026-05-15T15:16:53.200

Link: CVE-2026-44588

Red Hat

No data.

OpenCVE Enrichment

Updated: 2026-05-14T20:45:28Z

Weaknesses