Platform
go
Component
github.com/siyuan-note/siyuan/kernel
Fixed in
3.6.2
0.0.1
CVE-2026-32815 describes an Authentication Bypass vulnerability discovered in the SiYuan Kernel, a core component of the SiYuan note-taking application. This flaw allows attackers to hijack WebSocket connections, resulting in the unauthorized disclosure of sensitive document metadata. The vulnerability impacts versions of the kernel up to and including 0.0.0-20260313024916-fd6526133bb3, and a fix is available in version 3.6.1.
The core impact of CVE-2026-32815 lies in the potential for unauthenticated information disclosure. An attacker can exploit this bypass by crafting a malicious request that leverages the /ws WebSocket endpoint with specific URL parameters (?app=siyuan&id=auth&type=auth). Successful exploitation allows the attacker to establish a WebSocket connection and receive all server push events in real time. This includes sensitive document titles, notebook names, file paths, and details of all create, read, update, and delete (CRUD) operations. This information could be used for reconnaissance, data exfiltration, or to understand the structure and content of a user's notes, potentially leading to further attacks. The lack of authentication makes this vulnerability particularly concerning as it requires minimal effort to exploit.
CVE-2026-32815 was publicly disclosed on March 16, 2026. There is currently no indication of active exploitation in the wild, nor are there any publicly available proof-of-concept exploits. The vulnerability is not currently listed on the CISA KEV catalog. Given the ease of exploitation and the potential for information disclosure, it is considered a moderate risk, and proactive patching is recommended.
Organizations and individuals using SiYuan for note-taking, particularly those who rely on the application to store sensitive information, are at risk. Deployment environments with exposed SiYuan instances, or those with weak network segmentation, are especially vulnerable. Users who have not applied security updates are also at increased risk.
• linux / server:
journalctl -u siyuan -f | grep "WebSocket connection established without authentication"
• generic web:
curl -v "https://<siyuan_server>/ws?app=siyuan&id=auth&type=auth" 2>&1 | grep -i "connection established"
Exploit Status
EPSS
0.04% (percentile 13%)
CISA SSVC
The primary mitigation for CVE-2026-32815 is to upgrade to SiYuan Kernel version 3.6.1 or later, which contains the fix for this authentication bypass. If immediate upgrading is not feasible, consider implementing temporary workarounds. While a direct WAF rule is difficult to implement due to the nature of the bypass, restricting access to the /ws endpoint based on origin (allowing only SiYuan's own domain) can provide some protection. Carefully review and restrict the allowed origins for WebSocket connections. Monitor WebSocket traffic for unusual activity or connections from unexpected sources. After upgrading, confirm the fix by attempting to connect to the /ws endpoint without proper authentication and verifying that the connection is rejected.
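The origin restriction described above can be enforced in a small reverse-proxy handler placed in front of the kernel. This is an added example, not SiYuan's own code; the allow-listed origin `https://notes.example.internal`, the `guardWS` and `probe` helpers, and the stand-in upstream handler are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"log"
	"net/http"
	"net/http/httptest"
	"net/url"
)

// Constructed allow-list: replace with the origin your SiYuan UI is served from.
var allowedOrigins = map[string]bool{"https://notes.example.internal": true}

// matchesAdvisoryQuery reports the parameter set named in the advisory.
func matchesAdvisoryQuery(q url.Values) bool {
	return q.Get("app") == "siyuan" && q.Get("id") == "auth" && q.Get("type") == "auth"
}

// guardWS rejects /ws requests whose Origin is missing or not allow-listed.
// Browsers set Origin reliably; other clients can send any value, so this is a stopgap.
func guardWS(allowed map[string]bool, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if origin := r.Header.Get("Origin"); r.URL.Path == "/ws" && !allowed[origin] {
			log.Printf("blocked /ws from %s origin=%q advisory_params=%t",
				r.RemoteAddr, origin, matchesAdvisoryQuery(r.URL.Query()))
			http.Error(w, "forbidden", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// probe sends one constructed request through the guard and returns the status.
func probe(origin, target string) int {
	upstream := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
		w.WriteHeader(http.StatusOK) // stand-in for the real kernel
	})
	req := httptest.NewRequest(http.MethodGet, target, nil)
	if origin != "" {
		req.Header.Set("Origin", origin)
	}
	rec := httptest.NewRecorder()
	guardWS(allowedOrigins, upstream).ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	fmt.Println(probe("", "/ws?app=siyuan&id=auth&type=auth"))  // 403
	fmt.Println(probe("https://notes.example.internal", "/ws")) // 200
}
```

The `advisory_params=true` log lines give the monitoring signal the paragraph above asks for: blocked /ws requests that carry the parameter combination from this advisory.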
Update SiYuan to version 3.6.1 or later. This version fixes the authentication bypass vulnerability in the WebSocket endpoint, preventing unauthorized access to system information.
CVE-2026-32815 is a vulnerability in the SiYuan Kernel that allows attackers to bypass authentication and hijack WebSocket connections, leading to information disclosure.
You are affected if you are using SiYuan Kernel versions prior to 3.6.1 (≤0.0.0-20260313024916-fd6526133bb3).
Upgrade to SiYuan Kernel version 3.6.1 or later to remediate the vulnerability. Consider origin restrictions as a temporary workaround.
There is currently no evidence of active exploitation in the wild, but proactive patching is recommended.
Refer to the SiYuan project's official security advisories and release notes for details: [https://github.com/siyuan-note/siyuan/releases](https://github.com/siyuan-note/siyuan/releases)