Filtered by vendor B3log
Subscribe
Total
70 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-23847 | 1 B3log | 1 Siyuan | 2026-06-17 | N/A | 6.1 MEDIUM |
| SiYuan is a personal knowledge management system. Versions prior to 3.5.4 are vulnerable to reflected cross-site scripting in /api/icon/getDynamicIcon due to unsanitized SVG input. The endpoint generates SVG images for text icons (type=8). The content query parameter is inserted directly into the SVG <text> tag without XML escaping. Since the response Content-Type is image/svg+xml, injecting unescaped tags allows breaking the XML structure and executing JavaScript. Version 3.5.4 patches the issue.] | |||||
| CVE-2026-23645 | 1 B3log | 1 Siyuan | 2026-06-17 | N/A | 6.1 MEDIUM |
| SiYuan is self-hosted, open source personal knowledge management software. Prior to 3.5.4-dev2, a Stored Cross-Site Scripting (XSS) vulnerability exists in SiYuan Note. The application does not sanitize uploaded SVG files. If a user uploads and views a malicious SVG file (e.g., imported from an untrusted source), arbitrary JavaScript code is executed in the context of their authenticated session. This vulnerability is fixed in 3.5.4-dev2. | |||||
| CVE-2025-68948 | 1 B3log | 1 Siyuan | 2026-06-17 | N/A | 8.1 HIGH |
| SiYuan is self-hosted, open source personal knowledge management software. In versions 3.5.1 and prior, the SiYuan Note application utilizes a hardcoded cryptographic secret for its session store. This unsafe practice renders the session encryption ineffective. Since the sensitive AccessAuthCode is stored within the session cookie, an attacker who intercepts or obtains a user's encrypted session cookie (e.g., via session hijacking) can locally decrypt it using the public key. Once decrypted, the attacker can retrieve the AccessAuthCode in plain text and use it to authenticate or take over the session. | |||||
| CVE-2025-67488 | 1 B3log | 1 Siyuan | 2026-06-17 | N/A | 7.8 HIGH |
| SiYuan is self-hosted, open source personal knowledge management software. Versions 0.0.0-20251202123337-6ef83b42c7ce and below contain function importZipMd which is vulnerable to ZipSlips, allowing an authenticated user to overwrite files on the system. An authenticated user with access to the import functionality in notes is able to overwrite any file on the system, and can escalate to full code execution under some circumstances. A fix is planned for version 3.5.0. | |||||
| CVE-2025-21609 | 1 B3log | 1 Siyuan | 2026-06-17 | N/A | 9.1 CRITICAL |
| SiYuan is self-hosted, open source personal knowledge management software. SiYuan Note version 3.1.18 has an arbitrary file deletion vulnerability. The vulnerability exists in the `POST /api/history/getDocHistoryContent` endpoint. An attacker can craft a payload to exploit this vulnerability, resulting in the deletion of arbitrary files on the server. Commit d9887aeec1b27073bec66299a9a4181dc42969f3 fixes this vulnerability and is expected to be available in version 3.1.19. | |||||
| CVE-2024-6938 | 1 B3log | 1 Siyuan | 2026-06-17 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability has been found in SiYuan 3.1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file PDF.js of the component PDF Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-271993 was assigned to this vulnerability. | |||||
| CVE-2024-55660 | 1 B3log | 1 Siyuan | 2026-06-17 | N/A | 9.8 CRITICAL |
| SiYuan is a personal knowledge management system. Prior to version 3.1.16, SiYuan's `/api/template/renderSprig` endpoint is vulnerable to Server-Side Template Injection (SSTI) through the Sprig template engine. Although the engine has limitations, it allows attackers to access environment variables. Version 3.1.16 contains a patch for the issue. | |||||
| CVE-2024-55659 | 1 B3log | 1 Siyuan | 2026-06-17 | N/A | 5.4 MEDIUM |
| SiYuan is a personal knowledge management system. Prior to version 3.1.16, the `/api/asset/upload` endpoint in Siyuan is vulnerable to both arbitrary file write to the host and stored cross-site scripting (via the file write). Version 3.1.16 contains a patch for the issue. | |||||
| CVE-2024-55658 | 1 B3log | 1 Siyuan | 2026-06-17 | N/A | 7.5 HIGH |
| SiYuan is a personal knowledge management system. Prior to version 3.1.16, SiYuan's /api/export/exportResources endpoint is vulnerable to arbitary file read via path traversal. It is possible to manipulate the paths parameter to access and download arbitrary files from the host system by traversing the workspace directory structure. Version 3.1.16 contains a patch for the issue. | |||||
| CVE-2024-55657 | 1 B3log | 1 Siyuan | 2026-06-17 | N/A | 7.5 HIGH |
| SiYuan is a personal knowledge management system. Prior to version 3.1.16, an arbitrary file read vulnerability exists in Siyuan's `/api/template/render` endpoint. The absence of proper validation on the path parameter allows attackers to access sensitive files on the host system. Version 3.1.16 contains a patch for the issue. | |||||
| CVE-2024-53507 | 1 B3log | 1 Siyuan | 2026-06-17 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability was discovered in Siyuan 3.1.11 in /getHistoryItems. | |||||
| CVE-2024-53506 | 1 B3log | 1 Siyuan | 2026-06-17 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the ids array parameter in /batchGetBlockAttrs. | |||||
| CVE-2024-53505 | 1 B3log | 1 Siyuan | 2026-06-17 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the id parameter at /getAssetContent. | |||||
| CVE-2024-53504 | 1 B3log | 1 Siyuan | 2026-06-17 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the notebook parameter in /searchHistory. | |||||
| CVE-2024-39150 | 1 B3log | 1 Vditor | 2026-06-17 | N/A | 5.9 MEDIUM |
| vditor v.3.9.8 and before is vulnerable to Arbitrary file read via a crafted data packet. | |||||
| CVE-2024-34449 | 1 B3log | 1 Vditor | 2026-06-17 | N/A | 6.1 MEDIUM |
| Vditor 3.10.3 allows XSS via an attribute of an A element. NOTE: the vendor indicates that a user is supposed to mitigate this via sanitize=true. | |||||
| CVE-2024-2692 | 1 B3log | 1 Siyuan | 2026-06-17 | N/A | 9.0 CRITICAL |
| SiYuan version 3.0.3 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to Server Side XSS. | |||||
| CVE-2024-23049 | 1 B3log | 1 Symphony | 2026-06-17 | N/A | 9.8 CRITICAL |
| An issue in symphony v.3.6.3 and before allows a remote attacker to execute arbitrary code via the log4j component. | |||||
| CVE-2022-0350 | 1 B3log | 1 Vditor | 2026-06-17 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 3.8.13. | |||||
| CVE-2022-0341 | 1 B3log | 1 Vditor | 2026-06-17 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 3.8.12. | |||||