CVE-2026-30926

{"id": "CVE-2026-30926", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 4.2, "exploitabilityScore": 2.8}]}, "published": "2026-03-10T07:44:56.943", "references": [{"url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-f9cq-v43p-v523", "tags": ["Exploit", "Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-f9cq-v43p-v523", "tags": ["Exploit", "Vendor Advisory"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-284"}, {"lang": "en", "value": "CWE-862"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "SiYuan is a personal knowledge management system. Prior to 3.5.10, a privilege escalation vulnerability exists in the publish service of SiYuan Note that allows low-privilege publish accounts (RoleReader) to modify notebook content via the /api/block/appendHeadingChildren API endpoint. The endpoint requires only the model.CheckAuth role, which accepts RoleReader sessions, but it does not enforce stricter checks, such as CheckAdminRole or CheckReadonly. This allows remote authenticated publish users with read-only privileges to append new blocks to existing documents, compromising the integrity of stored notes."}, {"lang": "es", "value": "SiYuan es un sistema de gesti\u00f3n de conocimiento personal. Anteriormente a la 3.5.10, existe una vulnerabilidad de escalada de privilegios en el servicio de publicaci\u00f3n de SiYuan Note que permite a las cuentas de publicaci\u00f3n de bajo privilegio (RoleReader) modificar el contenido del cuaderno a trav\u00e9s del endpoint de la API /api/block/appendHeadingChildren. El endpoint requiere solo el rol model.CheckAuth, que acepta sesiones de RoleReader, pero no aplica comprobaciones m\u00e1s estrictas, como CheckAdminRole o CheckReadonly. Esto permite a los usuarios de publicaci\u00f3n remotos autenticados con privilegios de solo lectura a\u00f1adir nuevos bloques a documentos existentes, comprometiendo la integridad de las notas almacenadas."}], "lastModified": "2026-03-13T17:06:54.933", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:b3log:siyuan:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E7B145F-4786-4534-B4D6-A947F4CD06FE", "versionEndExcluding": "3.5.10"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}