External risk intelligence

SiYuan could allow an internal attacker to run malicious code on user computers

CVE advisory

Severity: CRITICAL (CVSS 9.0)

CVE-2026-40322

An internal attacker can take advantage of an issue in SiYuan by tricking a user into opening a malicious note. This grants the attacker control over the victim's machine, potentially allowing for the theft of sensitive data.

Halo Surface Signal: 1

Cross-site Scripting

B3log Siyuan

before 3.6.4

External exposure likelihood

Halo Surface Signal score for CVE-2026-40322

This vulnerability exists in a personal desktop note-taking application. Exploitation is client-side and requires a user to open a malicious note and manually interact with it within the application. The software is not an internet-facing service, network gateway, or public-facing endpoint, placing it firmly in the category of client-side desktop software.

Horizon Alert

Summary of the vulnerability and why it matters

This vulnerability in SiYuan, a personal knowledge management system, allows malicious JavaScript code to be injected through specially crafted diagram blocks. If a user opens a compromised note and clicks on the rendered diagram, it could lead to the execution of arbitrary code on their computer. This is a significant concern because it impacts the security of users' personal data and system access.

  • Arbitrary code execution: This can lead to full compromise.
  • Client-side attack: Requires user to open a malicious note.
  • Affects desktop users: Primarily impacts those using the desktop application.

Attack Path

How an attacker could exploit the issue

An attacker could exploit this flaw by crafting a malicious note containing an SVG image with a `javascript:` URL. When a victim opens this note in a vulnerable desktop build of SiYuan, the embedded SVG can execute arbitrary code on their system by leveraging Electron's insecure configuration.

  • Requires authenticated access.
  • Targets notes with Mermaid diagrams.
  • Victim must open note and click diagram.

Live Threat

Current exploitation, exposure, and threat context

This vulnerability in SiYuan allows for arbitrary code execution on a victim's machine if they open a specially crafted note and click on a rendered diagram. While the exploit path requires user interaction, it escalates stored XSS to a critical level on desktop builds using Electron with specific configuration. Attackers may find this less appealing due to the client-side nature and the need for the victim to engage with the malicious content.

  • Requires user interaction for exploit.
  • Not an internet-facing service.

Priority actions

Operational Fix

Recommended remediation, mitigation, and detection steps

Teams should prioritize patching SiYuan to version 3.6.4 or later to address the critical vulnerability. If immediate patching is not feasible, isolate affected instances and monitor for signs of exploitation, especially user interaction with Mermaid diagrams in notes.

  • Update SiYuan to version 3.6.4+.
  • Isolate affected Electron desktop builds.
  • Monitor for user-triggered Mermaid diagram clicks.

Frequently asked questions

What is SiYuan and its relevance to personal knowledge management?

SiYuan is an open-source personal knowledge management system. It helps users organize and manage their information effectively. This particular vulnerability highlights a security risk within such personal data management tools, emphasizing the need for secure software even for individual use.

How does the weakness in SiYuan versions 3.6.3 and below allow for security risks?

The weakness stems from how SiYuan versions 3.6.3 and below render Mermaid diagrams with a 'loose' security level. This allows attacker-controlled javascript: URLs within Mermaid code blocks to be injected into the DOM. On desktop builds using Electron, with nodeIntegration enabled and contextIsolation disabled, this stored cross-site scripting (XSS) can escalate to arbitrary code execution if a user opens a malicious note and clicks on the rendered diagram.
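As an added defender-side check (not SiYuan's own code), the following scans a Markdown note for Mermaid fenced blocks whose quoted click or link targets use the `javascript:` scheme described above, so such notes can be flagged before rendering; the fence parsing and the sample note are constructed for this example.

```javascript
// Added example, not SiYuan project code: audit Mermaid blocks in a note for
// javascript: URLs, the stored-XSS vector the advisory describes.

// Browsers tolerate leading whitespace, mixed case and embedded whitespace
// in the scheme, so match loosely rather than on the literal "javascript:".
const JS_SCHEME = /^\s*j\s*a\s*v\s*a\s*s\s*c\s*r\s*i\s*p\s*t\s*:/i;

// Decode numeric HTML entities (&#106; / &#x6a;) that could hide the scheme.
function decodeNumericEntities(s) {
  return s
    .replace(/&#x([0-9a-f]+);/gi, (_, h) => String.fromCodePoint(parseInt(h, 16)))
    .replace(/&#(\d+);/g, (_, d) => String.fromCodePoint(Number(d)));
}

// Collect the bodies of ```mermaid / ~~~mermaid fenced blocks with line numbers.
function extractMermaidBlocks(markdown) {
  const blocks = [];
  let current = null;
  markdown.split(/\r?\n/).forEach((line, idx) => {
    const fence = line.match(/^\s*(```|~~~)\s*(\w*)/);
    if (!current && fence && fence[2].toLowerCase() === 'mermaid') {
      current = { startLine: idx + 1, body: [] };
    } else if (current && fence && fence[2] === '') {
      blocks.push(current);
      current = null;
    } else if (current) {
      current.body.push({ line: idx + 1, text: line });
    }
  });
  return blocks; // an unterminated block is never rendered, so it is dropped
}

// Return every quoted target inside a Mermaid block that resolves to javascript:.
function findJavascriptUrls(markdown) {
  const findings = [];
  for (const block of extractMermaidBlocks(markdown)) {
    for (const { line, text } of block.body) {
      for (const m of text.matchAll(/"([^"]*)"/g)) {
        if (JS_SCHEME.test(decodeNumericEntities(m[1]))) {
          findings.push({ line, url: m[1].trim() });
        }
      }
    }
  }
  return findings;
}

// Constructed sample note: one benign link and one javascript: click target.
const SAMPLE_NOTE = [
  '# Weekly plan',
  '```mermaid',
  'graph TD',
  '  A[Start] --> B[Review]',
  '  click A "https://example.com/docs" "safe link"',
  '  click B "JavaScript:void(0)" "flagged"',
  '```',
  'Plain text mentioning javascript: outside a diagram is not flagged.',
].join('\n');

console.log(JSON.stringify(findJavascriptUrls(SAMPLE_NOTE)));
```

Run as a pre-save hook or over an existing notebook directory to surface notes that would have triggered the vulnerable `'loose'` renderer; on patched builds it still catches content that other Markdown consumers might render.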

What is the trigger path for exploitation, and does it have scope negation?

An attacker can craft a malicious note containing an SVG with a `javascript:` URL within a Mermaid code block. The trigger path requires a victim to open this compromised note on a vulnerable desktop build of SiYuan. The exploitation then requires the victim to click on the rendered diagram node. There is no scope negation mentioned; the vulnerability impacts the execution environment when the specific conditions are met.

How relevant is CVE-2026-40322, considering its client-side nature?

Halo classifies this CVE as 'Very unlikely' to be exploited due to its client-side nature. Exploitation requires a user to open a malicious note and interact with it within the application. SiYuan is a personal desktop application, not an internet-facing service, gateway, or public endpoint, which significantly limits its exploitation appeal for broad attacks.

What is the practical response for users and administrators regarding this vulnerability?

The primary response is to update SiYuan to version 3.6.4 or later, which addresses the vulnerability. If immediate patching is not possible, affected desktop instances should be isolated. Continuous monitoring for any unusual user interactions with Mermaid diagrams within notes is also advised. This ensures the security of personal data and system integrity.
