CVE-2026-40259
Improper Authorization in SiYuan Allows Arbitrary Attribute Deletion

Publication date: 2026-04-16

Last updated on: 2026-04-20

Assigner: GitHub, Inc.

Description
SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and below, the /api/av/removeUnusedAttributeView endpoint is protected only by generic authentication that accepts publish-service RoleReader tokens. The handler passes a caller-controlled id directly to a model function that unconditionally deletes the corresponding attribute view file from the workspace without verifying that the caller has write privileges or that the target attribute view is actually unused. An authenticated publish-service reader can permanently delete arbitrary attribute view definitions by extracting publicly exposed data-av-id values from published content, causing breakage of database views and workspace rendering until manually restored. This issue has been fixed in version 3.6.4.
Meta Information

Published: 2026-04-16
Last Modified: 2026-04-20
Generated: 2026-06-16
AI Q&A: 2026-04-17
EPSS Evaluated: 2026-06-15
Affected Vendors & Products

Vendor: b3log
Product: siyuan
Version / Range: all versions before 3.6.4 (3.6.4 itself excluded)
CWE

CWE-285: The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
Executive Summary

This vulnerability exists in SiYuan, an open-source personal knowledge management system, in versions 3.6.3 and below. The issue is with the /api/av/removeUnusedAttributeView endpoint, which is protected only by generic authentication that accepts publish-service RoleReader tokens.

The vulnerability allows an authenticated user holding only a publish-service reader role to delete attribute view files without write privileges. The endpoint passes a caller-controlled id straight to a model function that deletes the corresponding attribute view file unconditionally, verifying neither that the caller is authorized to write nor that the attribute view is actually unused.

As a result, an attacker can extract publicly exposed data-av-id values from published content and use them to permanently delete arbitrary attribute view definitions, causing breakage in database views and workspace rendering until the deleted views are manually restored.

Impact Analysis

This vulnerability can have a significant impact by allowing an authenticated user with limited read permissions to delete important attribute view files in the SiYuan workspace.

  • Permanent deletion of arbitrary attribute view definitions.
  • Breakage of database views.
  • Disruption of workspace rendering and functionality.
  • Manual restoration is required to recover from the damage.

Mitigation Strategies

To mitigate this vulnerability, you should upgrade SiYuan to version 3.6.4 or later, where the issue has been fixed.

Until the upgrade is applied, restrict access to the /api/av/removeUnusedAttributeView endpoint to trusted users only, especially preventing publish-service RoleReader tokens from accessing it.
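The two checks the description says the handler lacked, shown side by side with the unconditional-delete pattern it describes. This is an added example written for this page, not SiYuan's own code: the role names, the in-memory workspace, the sentinel errors and the sample ids are all assumptions constructed here, and the function names do not correspond to any SiYuan API.

```go
package main

import (
	"errors"
	"fmt"
)

// Role models the caller's privilege level. These names are assumptions for
// this example and are not SiYuan's own identifiers.
type Role int

const (
	RoleReader Role = iota // publish-service read-only token
	RoleEditor             // full workspace write privileges
)

// Workspace is a constructed in-memory stand-in for the workspace directory:
// the attribute-view files that exist, keyed by id, and the ids that some
// document still references.
type Workspace struct {
	AttributeViews map[string]bool
	ReferencedIDs  map[string]bool
}

// Sentinel errors so a caller (and a test) can tell the outcomes apart.
var (
	ErrNotFound  = errors.New("attribute view not found")
	ErrForbidden = errors.New("caller lacks write privileges")
	ErrInUse     = errors.New("attribute view is still referenced")
)

// RemoveUnusedAttributeViewVulnerable mirrors the flawed pattern the advisory
// describes: any authenticated caller, readers included, names an id and the
// corresponding file is deleted with no further checks.
func RemoveUnusedAttributeViewVulnerable(ws *Workspace, _ Role, avID string) error {
	if !ws.AttributeViews[avID] {
		return ErrNotFound
	}
	delete(ws.AttributeViews, avID)
	return nil
}

// RemoveUnusedAttributeViewHardened adds the two checks the advisory says were
// missing, in this order: the caller must hold write privileges (so a reader
// token is rejected before the id is even looked at), and the view must be
// genuinely unreferenced before its file is removed.
func RemoveUnusedAttributeViewHardened(ws *Workspace, caller Role, avID string) error {
	if caller < RoleEditor {
		return ErrForbidden
	}
	if !ws.AttributeViews[avID] {
		return ErrNotFound
	}
	if ws.ReferencedIDs[avID] {
		return ErrInUse
	}
	delete(ws.AttributeViews, avID)
	return nil
}

// NewSampleWorkspace builds constructed sample data: one view still used by a
// document and one orphaned view.
func NewSampleWorkspace() *Workspace {
	return &Workspace{
		AttributeViews: map[string]bool{"av-used-1": true, "av-orphan-1": true},
		ReferencedIDs:  map[string]bool{"av-used-1": true},
	}
}

func main() {
	ws := NewSampleWorkspace()
	// A reader token naming a view that is still in use: the vulnerable
	// handler deletes it, the hardened one refuses on the role check alone.
	fmt.Println("vulnerable, reader on used view:", RemoveUnusedAttributeViewVulnerable(ws, RoleReader, "av-used-1"))
	ws = NewSampleWorkspace()
	fmt.Println("hardened, reader on used view:", RemoveUnusedAttributeViewHardened(ws, RoleReader, "av-used-1"))
	fmt.Println("hardened, editor on used view:", RemoveUnusedAttributeViewHardened(ws, RoleEditor, "av-used-1"))
	fmt.Println("hardened, editor on orphan:", RemoveUnusedAttributeViewHardened(ws, RoleEditor, "av-orphan-1"))
	fmt.Println("remaining views:", ws.AttributeViews)
}
```

The role check is the stop-gap the paragraph above describes (keep publish-service reader tokens away from the endpoint entirely); the reference check is what makes the endpoint's name honest, since an editor should also be unable to delete a view that documents still depend on.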
