PT-2026-25825 · Siyuan · Siyuan
Fg0X0
Published 2026-03-16 · Updated 2026-03-27 · CVE-2026-32750
CVSS v3.1: 6.8 (Medium)
Vector: AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
SiYuan versions 3.6.0 and below
Description
The POST endpoint /api/import/importStdMd in SiYuan, a personal knowledge management system, passes the localPath parameter directly to the model.ImportFromLocalPath function without any path validation. That function recursively reads every file under the supplied path and permanently stores the content as SiYuan notes in the workspace database, where it is searchable and accessible to all workspace users. The imported data persists across restarts and is accessible to Publish Service Reader accounts.

The issue resides in the importStdMd function in kernel/api/import.go and the ImportFromLocalPath function in kernel/model/import.go. ImportFromLocalPath uses filelock.Walk with no restriction on the paths it accepts, so an administrator can import the contents of any readable host directory into the workspace. When combined with a separate SQL injection issue (renderSprig), a non-administrator user can read all imported sensitive information without additional privileges. The exploit involves using the localPath parameter to access sensitive directories like /proc/1 and /run/secrets/.
Recommendations
Versions prior to 3.6.1 are affected.
Update SiYuan to version 3.6.1 or later.
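One way to confine localPath to a dedicated import directory before any recursive walk starts, shown as an added example; it is not SiYuan's code and not the fix shipped in 3.6.1. The helper resolveImportPath, the importRoot parameter, the error value and the temporary directory layout are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// ErrOutsideImportRoot is returned when localPath resolves outside the allowed root.
var ErrOutsideImportRoot = errors.New("localPath is outside the allowed import root")

// resolveImportPath (hypothetical helper) canonicalizes localPath and accepts it only
// if it lies inside importRoot, which is assumed to be an absolute path. Both sides go
// through EvalSymlinks so neither ".." segments nor a symlink can redirect the walk.
func resolveImportPath(importRoot, localPath string) (string, error) {
	root, err := filepath.EvalSymlinks(importRoot)
	if err != nil {
		return "", fmt.Errorf("import root: %w", err)
	}
	if !filepath.IsAbs(localPath) {
		localPath = filepath.Join(root, localPath)
	}
	resolved, err := filepath.EvalSymlinks(filepath.Clean(localPath))
	if err != nil {
		return "", fmt.Errorf("localPath: %w", err)
	}
	rel, err := filepath.Rel(root, resolved)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrOutsideImportRoot
	}
	return resolved, nil
}

func main() {
	// Constructed layout: <tmp>/imports is the only directory imports may read.
	tmp, _ := os.MkdirTemp("", "import-demo")
	defer os.RemoveAll(tmp)
	root := filepath.Join(tmp, "imports")
	os.MkdirAll(filepath.Join(root, "notes"), 0o755)
	os.Symlink("/", filepath.Join(root, "escape")) // symlink pointing out of the root

	for _, p := range []string{"notes", "../", "/proc/1", filepath.Join(root, "escape")} {
		_, err := resolveImportPath(root, p)
		fmt.Printf("%-40q -> %v\n", p, err)
	}
}
```

The check covers only the starting path: a walker that follows symlinks it meets inside the tree needs the same containment test applied to each entry.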
Exploit
Fix
Files Accessible to External Parties
Path traversal
Related Identifiers
Affected Products
Siyuan