Impact
SiYuan allows unauthenticated remote users to retrieve arbitrary files on the server through double‑URL‑encoded traversal sequences sent to the /assets/*path endpoint when the application is running in publish mode (the anonymous read‑only HTTP endpoint, default port 6808). The flaw is the same root cause that was addressed in the earlier CVE‑2026‑41894 by sanitising the /export/ route, but the /assets/*path route remains vulnerable. By sending double‑URL‑encoded '..' segments, an attacker can read sensitive files inside the WorkspaceDir, including conf/conf.json (which holds the AccessAuthCode SHA‑256 hash, API token, and sync keys), temp/siyuan.db, temp/blocktree.db, and siyuan.log. This results in a significant loss of confidentiality for anyone exposed to the publish endpoint (CWE‑22, CWE‑23, CWE‑1188).
Affected Systems
The issue affects all releases of the siyuan-note:siyuan product prior to version 3.7.0. Any deployment of SiYuan running in publish mode before the release of 3.7.0 is susceptible; versions 3.7.0 and later contain the fix.
Risk and Exploitability
The CVSS base score of 7.5 indicates medium‑high severity, reflecting that the vulnerability is exploitable without authentication and can lead to disclosure of secrets. The EPSS score is 2%, indicating a low exploitation probability. The vulnerability is not listed in CISA’s KEV catalog. An attacker only needs network access to the publish port 6808 to enumerate and read arbitrary files; there are no preconditions beyond the publish mode being enabled, making the attack vector likely from externally reachable hosts or internal network scanners. The impact is confined to confidentiality loss and potential post‑exploitation capabilities for an attacker who can read sensitive files.
OpenCVE Enrichment
Github GHSA