Platform: go
Component: github.com/siyuan-note/siyuan/kernel
Fixed in: 3.5.6, 0.0.1
CVE-2026-25992 describes a Path Traversal vulnerability discovered in the SiYuan Kernel, a core component of the SiYuan note-taking application. This flaw allows attackers to bypass case sensitivity checks in the File Read API, potentially leading to unauthorized access to sensitive files on the server. The vulnerability impacts versions of SiYuan Kernel prior to 3.5.5, and a patch has been released to address the issue.
Successful exploitation of CVE-2026-25992 allows an attacker to read arbitrary files accessible to the SiYuan process. This could include configuration files containing database credentials, user data, or other sensitive information. Depending on the server's configuration and file permissions, an attacker might be able to access the entire filesystem. While the vulnerability doesn't directly lead to remote code execution, the information gained could be used to further compromise the system or launch other attacks. The potential impact is significant, particularly if the server hosts sensitive data or is part of a larger network.
CVE-2026-25992 was publicly disclosed on 2026-02-02. As of this date, there are no known public exploits or active campaigns targeting this vulnerability. The EPSS score is currently unavailable, but given the ease of exploitation and potential impact, it is likely to be assessed as medium or high. Monitor security advisories and threat intelligence feeds for any updates regarding exploitation attempts.
SiYuan users running versions prior to 3.5.5 are at risk. This includes individuals and organizations using SiYuan for personal note-taking, team collaboration, or knowledge management. Shared hosting environments where SiYuan is installed are particularly vulnerable, as a compromise of one user's instance could potentially impact others.
• go / server:
  find / -path "*/siyuan/kernel" -type d -print
  (find's -name matches only the final path component, so a pattern containing a slash never matches; -path is needed to locate the kernel directory.)
• go / server:
  ps aux | grep siyuan
• generic web:
  Inspect access logs for requests containing unusual path traversal sequences (e.g., ../../../../etc/passwd).
• generic web:
  Monitor response headers for unexpected file content types.
Disclosure
Exploit Status
EPSS: 0.06% (19th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-25992 is to upgrade SiYuan Kernel to version 3.5.5 or later. If an immediate upgrade is not possible due to compatibility issues or downtime constraints, consider implementing stricter file access controls on the server to limit the potential damage from a successful exploit. Review and harden file permissions to ensure that the SiYuan process only has access to the files it absolutely needs. While a WAF or proxy cannot directly prevent this type of path traversal, it can be configured to monitor for suspicious file access patterns and block requests that attempt to access files outside of the expected directories.
Update SiYuan to version 3.5.5 or later. This version fixes the bypass of the access validation for sensitive files that was caused by case-sensitivity differences between file systems.
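The check class this advisory describes, shown as an added illustration that is not SiYuan's own code: a denylist compared as a case-sensitive string (weakCheck) beside a check that decides on resolved file identity and workspace containment (safeOpenPath). The workspace layout, the conf/conf.json protected path and both function names are assumptions made for the example.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

var ErrProtected = fmt.Errorf("access to protected file denied")

// weakCheck is the bypassable pattern: a case-sensitive string compare against a
// denylist; "CONF/conf.json" on a case-insensitive filesystem, or a symlink to
// the file, passes it and still opens conf/conf.json.
func weakCheck(rel string, protected []string) error {
	for _, p := range protected {
		if filepath.Clean(rel) == filepath.Clean(p) {
			return ErrProtected
		}
	}
	return nil
}

// safeOpenPath resolves what would really be opened, keeps it inside the
// workspace, and compares file identity (os.SameFile) with each protected file,
// so case variants, alternate spellings and symlinks are all refused.
func safeOpenPath(workspace, rel string, protected []string) (string, error) {
	wsReal, err := filepath.EvalSymlinks(workspace)
	if err != nil {
		return "", err
	}
	target, err := filepath.EvalSymlinks(filepath.Join(workspace, filepath.Clean(rel)))
	if err != nil {
		return "", err // missing or unresolvable: nothing to serve
	}
	if !strings.HasPrefix(target, wsReal+string(filepath.Separator)) {
		return "", ErrProtected // escaped the workspace after symlink resolution
	}
	tInfo, err := os.Stat(target)
	for _, p := range protected {
		pInfo, perr := os.Stat(filepath.Join(workspace, p))
		if err == nil && perr == nil && os.SameFile(tInfo, pInfo) {
			return "", ErrProtected
		}
	}
	return target, err
}

func main() { fmt.Println(weakCheck("CONF/conf.json", []string{"conf/conf.json"})) } // prints <nil>: the string denylist misses the case variant
```

On a case-sensitive filesystem such as Linux a case variant simply does not exist, so the test below uses a symlink as the alternate name for the same file; on case-insensitive filesystems the os.SameFile comparison catches the spelling variant directly.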
CVE-2026-25992 is a Path Traversal vulnerability in SiYuan Kernel, allowing attackers to read arbitrary files due to a case sensitivity bypass in the File Read API.
You are affected if you are using SiYuan Kernel versions prior to 3.5.5. Upgrade to the latest version to mitigate the risk.
Upgrade SiYuan Kernel to version 3.5.5 or later. If immediate upgrade is not possible, implement stricter file access controls.
As of the public disclosure date, there are no known public exploits or active campaigns targeting this vulnerability, but monitoring is advised.
Refer to the official SiYuan project website and GitHub repository for security advisories and updates related to CVE-2026-25992.