CVE-2026-33066
Status: Received - Intake
XSS in SiYuan README Rendering Leads to RCE

Publication date: 2026-03-20

Last updated on: 2026-03-23

Assigner: GitHub, Inc.

Description
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the backend renderREADME function uses lute.New() without calling SetSanitize(true), allowing raw HTML embedded in Markdown to pass through unmodified. The frontend then assigns the rendered HTML to innerHTML without any additional sanitization. A malicious package author can embed arbitrary JavaScript in their README that executes when a user clicks to view the package details. Because SiYuan's Electron configuration enables nodeIntegration: true with contextIsolation: false, this XSS escalates directly to full Remote Code Execution. The issue was patched in version 3.6.1.
Meta Information
Published: 2026-03-20
Last Modified: 2026-03-23
Generated: 2026-05-07
AI Q&A: 2026-03-20
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
1 associated CPE:
Vendor: b3log; Product: siyuan; Version / Range: up to 3.6.1 (exclusive)
CWE-79: The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-33066 is a vulnerability in SiYuan, a personal knowledge management system, affecting versions 3.6.0 and below. The issue arises because the backend function that renders README files uses a Markdown engine called Lute without enabling HTML sanitization. This allows raw HTML, including malicious JavaScript, embedded in Markdown to pass through unfiltered.

The frontend then assigns this unsanitized HTML directly to the innerHTML property of a DOM element without any additional sanitization. Because SiYuan's Electron configuration enables nodeIntegration with contextIsolation disabled, this stored Cross-Site Scripting (XSS) vulnerability escalates to full Remote Code Execution (RCE).

An attacker can embed arbitrary JavaScript in a package README that executes when a user views the package details, potentially executing OS commands and compromising the user's system. [2]


How can this vulnerability impact me?

This vulnerability can have severe impacts including full remote code execution on any SiYuan desktop user who views a malicious package README.

  • An attacker can execute arbitrary operating system commands, such as spawning reverse shells or running malicious programs.
  • Sensitive data theft is possible, including API tokens, configuration files, SSH keys, and browser credentials.
  • The attacker can establish persistence on the victim's machine across Windows, macOS, and Linux platforms.
  • The attack requires only one click by the user to view the malicious package details, making it a highly effective supply-chain attack vector.

[2]


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by inspecting the README files of packages in the SiYuan Bazaar for embedded raw HTML or JavaScript payloads that could execute when rendered. Since the vulnerability involves unsanitized HTML rendering, look for README files containing suspicious HTML elements such as <img>, <svg>, <details>, <picture>, <video>, <audio>, <iframe>, <object>, <embed>, or <math> tags with event handlers like onerror or onclick.

On the system, detection can involve searching for installed SiYuan versions at or below 3.6.0 and checking if the Electron app is configured with nodeIntegration enabled and contextIsolation disabled.

Suggested commands to detect vulnerable versions and potentially malicious README files include:

  • Check the installed SiYuan version (example for Linux/macOS): `siyuan --version`, or check the package metadata.
  • Search README files for suspicious HTML or JavaScript payloads: `grep -r -iE '<img|<svg|<details|onerror|onclick' /path/to/siyuan/bazaar/packages/`
  • Inspect the Electron app configuration for insecure settings by reviewing main.js or the equivalent Electron config file for `nodeIntegration: true` and `contextIsolation: false`.

[2]
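As an added detection example (not SiYuan's, Lute's or the advisory's own code), a small Node.js scanner that applies the README check above to a constructed sample: it goes beyond the single grep by flagging any on*= handler attribute, javascript: URLs and case variants, and by skipping fenced and inline code, which Markdown renders escaped. The tag lists and the sample README are assumptions.

```javascript
// Added example, not SiYuan's or Lute's code: scan README Markdown for raw
// HTML that a renderer without sanitization would hand straight to innerHTML.
const FENCE = "`".repeat(3);
// Constructed sample README; no real Bazaar package is referenced.
const SAMPLE_README = [
  "# Example Theme",
  "",
  "A harmless <b>bold</b> tag and an inline code sample: `<img onerror=x>`",
  "",
  '<img src="x" onerror="handler()">',
  "",
  FENCE + "html",
  '<svg onload="handler()"></svg>',
  FENCE,
  "",
  '<a href="JavaScript:void(0)">link</a>',
  '<details ontoggle="handler()">more</details>',
].join("\n");
// Tags that embed or execute content even without an attribute payload.
const ALWAYS_FLAG = new Set(["script", "iframe", "object", "embed"]);
// Opening tag: captures the tag name and its raw attribute string.
const TAG_RE = /<([a-zA-Z][\w-]*)([^>]*)>/g;
// Any on*= event handler attribute (onerror, onclick, onload, ontoggle, ...).
const HANDLER_RE = /\bon[a-z]+\s*=/i;
// javascript: URL in an attribute the renderer would navigate to or load.
const JS_URL_RE = /\b(?:href|src|action|data)\s*=\s*["']?\s*javascript:/i;

// Returns one finding per suspicious opening tag: { line, tag, reasons }.
// Fenced and inline code are skipped because Markdown renders them escaped.
function scanReadme(markdown) {
  const findings = [];
  let inFence = false;
  markdown.split(/\r?\n/).forEach((rawLine, idx) => {
    if (/^\s*`{3}/.test(rawLine)) { inFence = !inFence; return; }
    if (inFence) return;
    const line = rawLine.replace(/`[^`]*`/g, "");
    for (const m of line.matchAll(TAG_RE)) {
      const tag = m[1].toLowerCase();
      const reasons = [];
      if (ALWAYS_FLAG.has(tag)) reasons.push("embedding/script tag");
      if (HANDLER_RE.test(m[2])) reasons.push("event handler attribute");
      if (JS_URL_RE.test(m[2])) reasons.push("javascript: URL");
      if (reasons.length) findings.push({ line: idx + 1, tag, reasons });
    }
  });
  return findings;
}

console.log(scanReadme(SAMPLE_README)); // three findings: lines 5, 11 and 12
```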


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include updating SiYuan to version 3.6.1 or later, where the vulnerability is patched by enabling sanitization in the backend Markdown rendering.

Additional recommended actions are:

  • Enable backend sanitization by ensuring the Lute Markdown engine calls `SetSanitize(true)` in the renderREADME function to neutralize unsafe HTML content.
  • Implement client-side sanitization using libraries like DOMPurify before assigning HTML content to `innerHTML` to provide defense-in-depth.
  • Harden Electron configuration by disabling `nodeIntegration` and enabling `contextIsolation` and sandboxing in the webPreferences settings.

These steps collectively prevent execution of malicious scripts embedded in README files and reduce the risk of remote code execution.

