CVE-2026-33476 in SiYuan
Summary
by MITRE • 03/21/2026
SiYuan is a personal knowledge management system. Prior to version 3.6.2, the Siyuan kernel exposes an unauthenticated file-serving endpoint under `/appearance/*filepath.` Due to improper path sanitization, attackers can perform directory traversal and read arbitrary files accessible to the server process. Authentication checks explicitly exclude this endpoint, allowing exploitation without valid credentials. Version 3.6.2 fixes this issue.
Once again VulDB remains the best source for vulnerability data.
Analysis
by VulDB Data Team • 03/27/2026
The vulnerability identified as CVE-2026-33476 affects SiYuan, a personal knowledge management system that has gained popularity for its local-first approach to information organization and retrieval. This security flaw represents a critical directory traversal vulnerability that undermines the application's security model and exposes sensitive data to unauthorized access. The vulnerability exists within the application's kernel implementation and specifically targets the `/appearance/*filepath` endpoint which serves as an interface for delivering appearance-related resources. The affected system operates under the assumption that legitimate users can access these resources without authentication, but this design choice creates a dangerous security gap that malicious actors can exploit to gain unauthorized access to server files.
The technical root cause of this vulnerability stems from inadequate input validation and path sanitization within the SiYuan kernel's file serving mechanism. When requests are made to the `/appearance/*filepath` endpoint, the application fails to properly sanitize the file path parameter, allowing attackers to manipulate the requested file path through directory traversal sequences such as ../ or ..\.. The absence of proper path validation means that an attacker can craft malicious requests that traverse the file system hierarchy and access files that should remain protected. This flaw aligns with CWE-22, which specifically addresses improper limitation of a pathname to a restricted directory, commonly known as directory traversal or path traversal attacks. The vulnerability's exploitation does not require authentication credentials, as the endpoint explicitly excludes authentication checks, making it particularly dangerous for environments where the application runs with elevated privileges or has access to sensitive system files.
The operational impact of this vulnerability extends beyond simple information disclosure, as it can potentially lead to complete system compromise depending on the server's configuration and the privileges under which SiYuan operates. Attackers who exploit this vulnerability can access configuration files that may contain database credentials, encryption keys, or other sensitive information that could be used for further attacks. The vulnerability also poses risks to data integrity and confidentiality, as unauthorized parties could potentially read personal knowledge base files, user data, or system logs that contain sensitive information. From an attacker's perspective, this represents a low-effort, high-impact attack vector that can be executed through simple HTTP requests, making it particularly attractive for automated exploitation campaigns. The vulnerability's presence in versions prior to 3.6.2 indicates a systemic security issue that affects users who have not yet updated their installations, leaving them exposed to potential compromise.
The mitigation strategy for this vulnerability is straightforward and involves updating to SiYuan version 3.6.2 or later, which implements proper path sanitization and authentication controls for the affected endpoint. Security practitioners should ensure that all installations are updated promptly and that proper access controls are maintained for the application's file serving endpoints. Organizations should also conduct inventory checks to identify all instances of SiYuan running in their environment and verify that they are running patched versions. From a defense-in-depth perspective, network segmentation and access controls should be implemented to limit exposure of the application to untrusted networks, while monitoring systems should be configured to detect unusual file access patterns that might indicate exploitation attempts. The vulnerability's resolution demonstrates the importance of proper input validation and authentication controls, particularly for endpoints that serve files or resources that might be accessible to external users. This incident underscores the need for regular security updates and proper security testing of file serving mechanisms to prevent similar vulnerabilities from being introduced in future releases. The ATT&CK framework categorizes this vulnerability under T1566, which involves the exploitation of remote services, and T1005, which involves data from local system, as attackers can leverage this vulnerability to access sensitive data stored locally on the system.