External risk intelligence

SiYuan Bazaar Marketplace XSS Leads to Remote Code Execution.

CVE advisorySeverity: CRITICAL (CVSS 9.4)

CVE-2026-56397

The vulnerability exists within the Bazaar marketplace of a specific note-taking application, SiYuan, which is primarily a local, client-side desktop or personal server tool. It is not an internet-facing gateway, web service, or appliance, and exploitation requires a user to manually browse the marketplace within the application.

Cross-site Scripting

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

External exposure likelihood

Horizon Alert

Summary of the vulnerability and why it matters

A vulnerability has been identified in SiYuan's Bazaar marketplace that could allow malicious actors to execute arbitrary code. This occurs when package metadata or README files are not properly sanitized, enabling the injection of harmful code that could compromise user systems when the marketplace is browsed.

  • Malicious code can be injected via package details.
  • Leaders should recall the risk of user-driven marketplace interaction.
  • Confirm relevance and exposure of this specific application.

Attack Path

How an attacker could exploit the issue

An attacker can compromise users of the SiYuan note-taking application by submitting malicious code to its Bazaar marketplace. By embedding harmful HTML and JavaScript within package metadata or README files, an attacker can trick users browsing the marketplace into executing these scripts. This can lead to arbitrary code execution on the user's system, potentially allowing the attacker to run operating system commands.

  • An attacker uploads malicious package metadata.
  • A user browses the Bazaar marketplace within the app.
  • Arbitrary code execution on the user's machine.

Live Threat

Current exploitation, exposure, and threat context

SiYuan versions before v3.6.1 could allow attackers to execute arbitrary code on a user's system when that user browses the Bazaar marketplace within the application. This is possible when malicious HTML and JavaScript are injected into package metadata or README content, leveraging Electron's `nodeIntegration` setting.

  • User-browsing data and system access.
  • Malicious package metadata viewed in Bazaar.
  • Potential for unauthorized OS command execution.

Operational Fix

Recommended remediation, mitigation, and detection steps

Technical leaders and security teams should collaborate to identify all instances of SiYuan, particularly those connected to the Bazaar marketplace. The first practical step is to determine the exposure of these instances, focusing on whether they are accessible or critical, and to identify the accountable owner before planning remediation.

  • Accountable teams must own the issue.
  • Verify user exposure to Bazaar.
  • Plan remediation based on risk.

Supplementary metadata

Validate whether this threat affects your internet-facing exposure.

Halo Threat Intelligence helps prioritize remediation with Halo Surface Signal and H/A/L/O context. Start exposure validation with a free external attack surface trial.

Frequently asked questions

What is SiYuan and its Bazaar marketplace?

SiYuan is a privacy-focused, local-first note-taking application designed for personal knowledge management. It supports a modular ecosystem through its Bazaar marketplace, which functions as a repository where users can discover, download, and install community-contributed themes, templates, and plugins to extend the application's core functionality.

How does CVE-2026-56397 create a security risk?

This vulnerability is categorized as CWE-79, or Cross-Site Scripting (XSS). It occurs because the Bazaar marketplace fails to sanitize metadata and README files provided by package authors. By injecting malicious HTML or JavaScript into these fields, an attacker can exploit the underlying Electron framework's nodeIntegration setting, which inadvertently allows the script to execute operating system commands on the victim's computer.

When does this vulnerability trigger?

The flaw is triggered specifically when a user navigates to the Bazaar marketplace within the SiYuan application. Simply having the software installed does not activate the bug; the malicious code executes only when a user views the compromised package's details or metadata. If you do not browse or interact with the marketplace, the specific conditions for this exploit path are not met.

Is my installation of SiYuan at risk?

Halo Surface Signal indicates that exploitation is very unlikely for most users because SiYuan is typically a local, client-side tool rather than an internet-facing service. The threat is largely confined to users who actively browse the Bazaar marketplace. If your organization uses SiYuan, the risk is highest where users frequently interact with third-party community packages.

What is the first step to address this CVE?

The most effective way to address this issue is to ensure your software is updated to version 3.6.1 or later, which contains the necessary sanitization fixes. Until you can update, you should minimize or suspend usage of the Bazaar marketplace. Internally, verify which teams or individuals are utilizing SiYuan to ensure they are aware of the risks associated with browsing community-contributed content.

References