External risk intelligence

SiYuan Bazaar Package Metadata Vulnerability Allows Remote Code Execution.

CVE advisorySeverity: CRITICAL (CVSS 9.4)

CVE-2026-56395

The vulnerability exists within a marketplace component of a local desktop-oriented application. While the marketplace is reachable via the internet, the target is a client-side application user rather than a public-facing server, gateway, or edge service that is typically exposed to the internet by design.

Cross-site Scripting

Halo Surface Signal: 3 out of 5 — possibly public-facing.

External exposure likelihood

Horizon Alert

Summary of the vulnerability and why it matters

A vulnerability has been identified in SiYuan's Bazaar marketplace, affecting how package metadata and README files are handled. This flaw could allow malicious actors to inject harmful code, potentially leading to remote code execution on users' systems when they interact with compromised packages. The main concern is confirming relevance and exposure.

  • Malicious code can be hidden in package details.
  • Affects users interacting with the Bazaar marketplace.
  • Confirm if our users are exposed to this risk.

Attack Path

How an attacker could exploit the issue

An attacker could exploit this by creating a malicious package for the SiYuan Bazaar marketplace. When a user browses the Bazaar, the crafted package metadata or README file, containing embedded HTML and JavaScript, would be loaded. This could lead to the execution of arbitrary code on the user's system by leveraging the application's underlying framework.

  • No special access required.
  • User browses malicious package.
  • Remote code execution on user.

Live Threat

Current exploitation, exposure, and threat context

This vulnerability could allow malicious actors to inject arbitrary HTML and JavaScript into the SiYuan Bazaar marketplace. When a user browses the Bazaar, these injected scripts could execute, potentially leading to the execution of operating system commands on their local machine.

  • User's system and data at risk.
  • Malicious code executes via Bazaar browsing.
  • Attacker could run OS commands.

Operational Fix

Recommended remediation, mitigation, and detection steps

Application owners are responsible for identifying instances of SiYuan and confirming if the Bazaar marketplace feature is actively used and if affected packages are installed. The first practical step is to locate all deployments of SiYuan, assess the risk based on usage of the Bazaar and the potential for malicious packages, and then coordinate with users or platform teams for remediation.

  • Identify affected SiYuan deployments.
  • Verify Bazaar marketplace usage and risk.
  • Plan user communication and remediation.

Supplementary metadata

Validate whether this threat affects your internet-facing exposure.

Halo Threat Intelligence helps prioritize remediation with Halo Surface Signal and H/A/L/O context. Start exposure validation with a free external attack surface trial.

Frequently asked questions

What is SiYuan and what is the Bazaar marketplace?

SiYuan is a privacy-first, locally hosted knowledge management software built on the Electron framework. It functions as a personal note-taking tool that runs directly on your computer. The Bazaar is an integrated marketplace within SiYuan where users can discover and install community-created packages, themes, and templates to extend the application's functionality.

What is the vulnerability in CVE-2026-56395?

This vulnerability is classified as CWE-79, or Cross-Site Scripting (XSS). Essentially, the software fails to properly clean the data it receives from the Bazaar. Because it lacks these safeguards, malicious code hidden in package descriptions or instructions can trick the application into executing unauthorized JavaScript commands on your local machine instead of simply displaying text.

How does an attacker trigger this CVE?

An attacker triggers this flaw by publishing a malicious package to the Bazaar marketplace. The vulnerability is activated when a user simply browses the marketplace and views the compromised package's details. Note that this does not require installing the package itself; merely viewing the metadata or README content is sufficient to execute the embedded malicious script.

Is this vulnerability relevant to my environment?

According to Halo Surface Signal, this risk is categorized as 'Possible' rather than highly exposed. Because SiYuan is a client-side desktop application, the risk is not aimed at public-facing servers or gateways. Instead, the relevance depends on whether your users actively browse the Bazaar marketplace within the SiYuan application on their local computers.

What should I do to address this risk?

Start by identifying all local installations of SiYuan within your organization. Once located, assess if your users frequently access the Bazaar marketplace. If they do, the most critical step is to ensure that SiYuan is updated to version 3.6.1 or later, which contains the necessary security fixes to sanitize package metadata and prevent unauthorized script execution.

References