CVE-2026-34585
Stored XSS in SiYuan Desktop Client Enables Remote Code Execution

Publication date: 2026-03-31

Last updated on: 2026-04-03

Assigner: GitHub, Inc.

Description
SiYuan is a personal knowledge management system. Prior to version 3.6.2, a vulnerability allows crafted block attribute values to bypass server-side attribute escaping when an HTML entity is mixed with raw special characters. An attacker can embed a malicious IAL value inside a .sy document, package it as a .sy.zip, and have the victim import it through the normal Import -> SiYuan .sy.zip workflow. Once the note is opened, the malicious attribute breaks out of its original HTML context and injects an event handler, resulting in stored XSS. In the Electron desktop client, this XSS reaches remote code execution because injected JavaScript runs with access to Node/Electron APIs. This issue has been patched in version 3.6.2.
Meta Information
Generated: 2026-05-13
AI Q&A: 2026-04-01
EPSS Evaluated: 2026-05-11
Affected Vendors & Products (1 associated CPE)
Vendor: b3log
Product: siyuan
Version / Range: up to 3.6.2 (exclusive)
CWE IDs
CWE-79: The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CWE-94: The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in SiYuan, a personal knowledge management system, prior to version 3.6.2. It allows crafted block attribute values to bypass server-side attribute escaping when an HTML entity is mixed with raw special characters. An attacker can embed a malicious IAL value inside a .sy document, package it as a .sy.zip file, and trick a victim into importing it through the normal Import -> SiYuan .sy.zip workflow. When the victim opens the note, the malicious attribute escapes its original HTML context and injects an event handler, resulting in stored cross-site scripting (XSS).

In the Electron desktop client, this XSS vulnerability escalates to remote code execution because the injected JavaScript runs with access to Node/Electron APIs. This means the attacker can execute arbitrary code on the victim's machine.

This issue has been fixed in version 3.6.2 of SiYuan.


How can this vulnerability impact me?

This vulnerability can have severe impacts including the execution of arbitrary code on your machine if you use the vulnerable SiYuan Electron desktop client. An attacker can craft malicious .sy.zip files that, when imported and opened, execute JavaScript with full access to Node/Electron APIs.

The impacts include complete compromise of confidentiality, integrity, and availability of your data and system, as indicated by the CVSS score which rates confidentiality, integrity, and availability impacts as high.

Because the attack requires user interaction (importing and opening a malicious file), the attack vector is local, but the consequences can be severe.


What immediate steps should I take to mitigate this vulnerability?

The vulnerability has been patched in SiYuan version 3.6.2.

To mitigate this vulnerability, immediately upgrade your SiYuan personal knowledge management system to version 3.6.2 or later.

Avoid importing .sy.zip files from untrusted sources, as the vulnerability is exploited through maliciously crafted .sy.zip imports.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

CVE-2026-34585 is a high-severity vulnerability that allows remote code execution via stored cross-site scripting in SiYuan Desktop versions prior to 3.6.2. This vulnerability can lead to unauthorized access and control over the affected system.

Such unauthorized access and potential data compromise could negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of personal and sensitive data against unauthorized access and breaches.

Specifically, the vulnerability's ability to execute arbitrary commands on the victim's machine could lead to data exposure, modification, or loss, violating confidentiality, integrity, and availability requirements mandated by these regulations.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability involves importing malicious .sy.zip files containing .sy documents whose block attribute values are crafted to bypass server-side escaping, leading to stored XSS and potential remote code execution in SiYuan Desktop versions prior to 3.6.2.

Detection on your system involves verifying the version of SiYuan Desktop installed and monitoring for the import of suspicious .sy.zip files that may contain malicious attributes.

Since the attack vector requires importing a malicious .sy.zip file and opening the note, you can detect attempts by:

  • Checking the SiYuan Desktop version to ensure it is 3.6.2 or later, which contains the patch.
  • Monitoring file imports for .sy.zip files from untrusted sources.
  • Inspecting .sy documents inside .sy.zip files for suspicious block attribute values mixing HTML entities and raw special characters, such as patterns like `&" onmouseenter=`.

There are no specific network commands or signatures provided in the resources for automated detection. However, you can manually inspect imported .sy.zip files by unzipping and searching for suspicious attribute patterns using commands like:

  • On a Unix-like system, unzip the archive: `unzip suspicious.sy.zip -d extracted`
  • Search for suspicious attributes in .sy files: `grep -r '&" onmouseenter=' extracted/`
  • Check the SiYuan Desktop version via its About dialog or application metadata to confirm it is patched (version 3.6.2 or later).
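The unzip-and-grep check above, generalized into a small triage script as an added example (not SiYuan project code): it opens a .sy.zip in memory, walks each .sy document, and flags block attribute values that combine an ampersand with a raw quote or angle bracket, or that carry an inline event handler, rather than matching only the literal `&" onmouseenter=` string. It assumes .sy documents are JSON in which every block has a "Properties" object (its IAL attributes) and a "Children" list; a file that does not parse as JSON falls back to a raw text search. The archive it scans is constructed inline, and `PLACEHOLDER` stands in for whatever would follow the handler.

```python
import io, json, re, zipfile

# Raw characters that let an attribute value break out of its HTML attribute context.
RAW_SPECIAL = re.compile(r'["\'<>]')
EVENT_HANDLER = re.compile(r'\bon[a-z]+\s*=', re.IGNORECASE)
# Fallback for non-JSON text, modelled on the page's `&" onmouseenter=` pattern.
RAW_TEXT_PATTERN = re.compile(r'&[#\w]*;?["\']\s*on[a-z]+\s*=', re.IGNORECASE)

def suspicious_value(value):
    """Flag an IAL value that mixes an ampersand (entity or bare) with a raw quote or
    angle bracket, or that carries an event handler. Deliberately broad (triage filter)."""
    if not isinstance(value, str):
        return False
    mixed = "&" in value and RAW_SPECIAL.search(value) is not None
    return mixed or EVENT_HANDLER.search(value) is not None

def scan_block(block, path, hits):
    """Recurse through a block tree (assumed "Properties"/"Children" layout)."""
    for key, value in (block.get("Properties") or {}).items():
        if suspicious_value(value):
            hits.append((path, block.get("ID", "?"), key, value))
    for child in block.get("Children") or []:
        scan_block(child, path, hits)

def scan_sy_zip(data):
    """Return (file, block id, attribute, value) tuples for every suspicious IAL."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for name in (n for n in zf.namelist() if n.endswith(".sy")):
            text = zf.read(name).decode("utf-8", errors="replace")
            try:
                scan_block(json.loads(text), name, hits)
            except ValueError:
                # Not JSON: search the raw text for the entity-plus-handler shape.
                for m in RAW_TEXT_PATTERN.finditer(text):
                    hits.append((name, "?", "<raw text>", m.group(0)))
    return hits

def build_sample_zip():
    """Constructed .sy.zip: one benign block and one block with a crafted value."""
    doc = {"ID": "doc1", "Properties": {"title": "Notes"}, "Children": [
        {"ID": "b1", "Properties": {"custom-tag": "a &amp; b"}},
        {"ID": "b2", "Properties": {"custom-tag": 'x&" onmouseenter=PLACEHOLDER'}},
    ]}
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("data/20260331-doc1.sy", json.dumps(doc))
    return buf.getvalue()
```

Run `scan_sy_zip(open("suspicious.sy.zip", "rb").read())` against a real archive; each returned tuple names the file, block ID and attribute to inspect by hand.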

Because the vulnerability requires user interaction (importing and opening the malicious note), network detection is limited. Focus on endpoint protection by restricting imports from untrusted sources and updating the software.

