Platform: go
Component: github.com/siyuan-note/siyuan/kernel
Fixed in: 0.0.1
CVE-2025-67488 describes a Remote Code Execution (RCE) vulnerability within the SiYuan kernel, specifically stemming from a ZipSlip vulnerability. This flaw allows an attacker to achieve arbitrary file overwrite, potentially leading to complete system compromise. The vulnerability impacts versions of SiYuan prior to 3.5.0, and a patch has been released to address the issue.
The core of this vulnerability lies in a ZipSlip issue, a common problem where ZIP archive extraction doesn't properly sanitize file paths. An attacker can craft a malicious ZIP file with carefully constructed directory structures that, when extracted by SiYuan, will overwrite arbitrary files on the system. This file overwrite capability can be leveraged to overwrite critical system binaries, configuration files, or even inject malicious code into existing processes. Successful exploitation could grant an attacker full control over the affected SiYuan instance, potentially leading to data theft, system disruption, or further lateral movement within the network. The impact is particularly severe given SiYuan's potential use for sensitive note-taking and knowledge management.
As of the publication date (2025-12-15), this CVE has not been added to the CISA KEV catalog. Public proof-of-concept (PoC) code is currently unavailable, but the ZipSlip vulnerability class is well-understood, increasing the likelihood of PoC development. The EPSS score is likely to be assessed as medium, given the RCE nature and the potential for relatively straightforward exploitation once a PoC is available. The vulnerability resides within the SiYuan kernel, a Go application, which could influence exploitation techniques.
Exploit Status
EPSS: 0.06% (18% percentile)
The primary mitigation for CVE-2025-67488 is to immediately upgrade SiYuan to version 3.5.0 or later, which includes the necessary fix. If upgrading is not immediately feasible due to compatibility concerns or system downtime requirements, consider implementing stricter input validation on ZIP files processed by SiYuan. Specifically, sanitize file paths extracted from ZIP archives to prevent traversal attacks. While not a complete solution, this can reduce the attack surface. Monitor system logs for unusual file modification activity, particularly in sensitive directories. Consider implementing a Web Application Firewall (WAF) with rules to block uploads of malicious ZIP files containing suspicious path patterns. After upgrading, confirm the fix by attempting to upload a test ZIP file containing a known malicious path pattern and verifying that the file is not overwritten.
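The path sanitization described above can be sketched in Go as a check that runs on each ZIP entry name before anything is written. This is an added example, not SiYuan's code or its patch; `safeTarget`, `auditArchive`, `buildSample` and the `/srv/import` destination are hypothetical names chosen for illustration.

```go
package main

import (
	"archive/zip"
	"bytes"
	"fmt"
	"path/filepath"
	"strings"
)

// safeTarget maps a ZIP entry name to a path under destDir, or errors if it would land elsewhere.
func safeTarget(destDir, entryName string) (string, error) {
	name := filepath.FromSlash(strings.ReplaceAll(entryName, `\`, "/")) // tolerate '\' separators
	target := filepath.Join(destDir, name)                             // Join also cleans ".." segments
	rel, err := filepath.Rel(destDir, target)
	if err != nil || filepath.IsAbs(name) || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", fmt.Errorf("unsafe entry %q for destination %q", entryName, destDir)
	}
	return target, nil
}

// auditArchive returns the names of entries in an in-memory ZIP that safeTarget rejects.
func auditArchive(data []byte, destDir string) (rejected []string, err error) {
	zr, err := zip.NewReader(bytes.NewReader(data), int64(len(data)))
	if zr == nil { // parse failure; with GODEBUG=zipinsecurepath=0 a usable reader comes back with ErrInsecurePath
		return nil, err
	}
	for _, f := range zr.File {
		if _, err := safeTarget(destDir, f.Name); err != nil {
			rejected = append(rejected, f.Name)
		}
	}
	return rejected, nil
}

// buildSample creates a constructed in-memory test archive (not real data) with empty entries.
func buildSample(names ...string) []byte {
	var buf bytes.Buffer
	zw := zip.NewWriter(&buf)
	for _, n := range names {
		zw.Create(n)
	}
	zw.Close()
	return buf.Bytes()
}

func main() { // constructed entry names; /srv/import is a hypothetical destination
	fmt.Println(auditArchive(buildSample("notes/a.md", "notes/../b.md", "../outside.txt"), "/srv/import"))
}
```

The check is lexical only: symlink entries and symlinks already present under the destination need separate handling before files are written.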
Upgrade SiYuan to version 3.5.0 or later. This version fixes the ZipSlip vulnerability that allows arbitrary file overwrite. The update prevents possible remote code execution.
CVE-2025-67488 is a Remote Code Execution vulnerability in the SiYuan kernel, allowing attackers to overwrite files and potentially gain control of the system.
You are affected if you are using SiYuan versions prior to 3.5.0. Upgrade immediately to mitigate the risk.
Upgrade SiYuan to version 3.5.0 or later. If immediate upgrade is not possible, implement stricter input validation on ZIP files.
As of the publication date, there is no confirmed active exploitation, but the vulnerability class is well-understood and PoC development is likely.
Refer to the official SiYuan project website and GitHub repository for the latest security advisories and updates.