Platform: go
Component: github.com/siyuan-note/siyuan/kernel
Fixed in: 3.5.5 (Go module pseudo-version 0.0.0-20260118092521-f8f4b517077b)
CVE-2026-23851 describes an Arbitrary File Access vulnerability discovered in the SiYuan kernel, a core component of the SiYuan note-taking application. This vulnerability allows an attacker to potentially read sensitive files from the system. The vulnerability affects versions of SiYuan kernel prior to 0.0.0-20260118092521-f8f4b517077b. A patch has been released to address this issue.
The Arbitrary File Access vulnerability in SiYuan allows an attacker to read any file accessible to the application process. This could include configuration files containing sensitive credentials, database files with user data, or even source code. Successful exploitation could lead to data breaches, compromise of system integrity, and potential privilege escalation depending on the files accessed. The impact is particularly severe if the application is running with elevated privileges or has access to sensitive data stores. While the specific attack vector isn't detailed, the file copy functionality is the likely point of exploitation.
CVE-2026-23851 was publicly disclosed on 2026-02-03. The vulnerability's severity is rated as HIGH (CVSS 7.5). No public proof-of-concept (PoC) code has been identified at the time of writing. It is not currently listed on the CISA KEV catalog. Active exploitation campaigns are not currently known.
Organizations and individuals using SiYuan for note-taking, particularly those storing sensitive information within the application, are at risk. Users running older, unpatched versions of SiYuan are especially vulnerable. Shared hosting environments where multiple users share the same SiYuan instance are also at increased risk.
• linux / server: Monitor SiYuan process logs for unusual file access attempts. Use auditd to track file access events and create rules to alert on unauthorized reads.
auditctl -w /path/to/siyuan/data -p rwa -k siyuan_file_access   # -p rwa also records reads; -p wa alone logs only writes and attribute changes
• go: Examine the SiYuan source code for the file copy function and related areas for potential vulnerabilities. Use static analysis tools to identify potential security flaws.
• generic web: Monitor web server access logs for requests containing unusual file paths or attempts to access sensitive files via the SiYuan application.
EPSS: 0.04% (12th percentile)
The primary mitigation for CVE-2026-23851 is to immediately upgrade SiYuan kernel to version 0.0.0-20260118092521-f8f4b517077b or later. If upgrading is not immediately feasible, consider restricting file access permissions for the SiYuan process to the minimum necessary. Implement input validation and sanitization on any file paths used within the file copy functionality. Monitoring file system activity for unusual access patterns can also help detect potential exploitation attempts. After upgrade, confirm by attempting to trigger the vulnerable file copy functionality and verifying that access is denied.
Upgrade SiYuan to version 3.5.4 or later. This version fixes the arbitrary file read vulnerability by correctly validating the paths of copied files.
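The path validation that the mitigation notes above call for, as an added Go example (this is not SiYuan's actual patch or API; the function name ResolveSource and the workspace-root layout are assumptions): it confines a caller-supplied copy source to the workspace root, rejecting absolute paths, ".." traversal and symlinks that resolve to a file outside the root.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrOutsideWorkspace: the requested source does not stay inside the workspace.
var ErrOutsideWorkspace = errors.New("source path escapes workspace")
// insideRoot reports whether p equals root or lies beneath it.
func insideRoot(root, p string) bool {
	return p == root || strings.HasPrefix(p, root+string(filepath.Separator))
}

// ResolveSource confines a copy source to the workspace root: it rejects absolute
// paths, ".." traversal and symlinks pointing outside it. (Assumed name, not SiYuan's API.)
func ResolveSource(root, userPath string) (string, error) {
	absRoot, err := filepath.Abs(root)
	if err != nil {
		return "", err
	}
	// Canonicalise the root so both sides of the comparison are real paths.
	if absRoot, err = filepath.EvalSymlinks(absRoot); err != nil {
		return "", err
	}
	if filepath.IsAbs(userPath) {
		return "", ErrOutsideWorkspace
	}
	// Join cleans the result, so "notes/../../etc/passwd" lands above root.
	joined := filepath.Join(absRoot, userPath)
	if !insideRoot(absRoot, joined) {
		return "", ErrOutsideWorkspace
	}
	// A symlink inside the workspace may still target an outside file; re-check the real path.
	resolved, err := filepath.EvalSymlinks(joined)
	if err != nil {
		return "", err
	}
	if !insideRoot(absRoot, resolved) {
		return "", ErrOutsideWorkspace
	}
	return resolved, nil
}

func main() {
	_, err := ResolveSource(".", "notes/../../etc/passwd")
	fmt.Println("traversal attempt:", err) // traversal attempt: source path escapes workspace
}
```

The symlink check matters because a containment test on the cleaned path alone still lets a link created inside the workspace point at a file outside it.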
CVE-2026-23851 is a HIGH severity vulnerability in the SiYuan kernel allowing attackers to read arbitrary files. It affects versions before 0.0.0-20260118092521-f8f4b517077b.
You are affected if you are using SiYuan kernel versions prior to 0.0.0-20260118092521-f8f4b517077b. Check your version and upgrade immediately.
Upgrade SiYuan to version 0.0.0-20260118092521-f8f4b517077b or later. If upgrading is not immediately possible, restrict file system access for the SiYuan process.
There are currently no reports of active exploitation, but the vulnerability's nature suggests a potential for rapid exploitation if a proof-of-concept is developed.
Refer to the SiYuan project's official website and GitHub repository for the latest security advisories and updates.