CVE-2026-59854 in SiYuaninfo

Summary

by MITRE • 07/10/2026

SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, POST /api/file/globalCopyFiles accepts attacker-supplied absolute source paths and relies on util.IsSensitivePath in kernel/util/path.go, whose denylist misses common home-directory credential files such as .git-credentials, .netrc, .pgpass, .kube/config, .docker/config.json, and .gnupg, allowing an authenticated administrator or API-token user to copy those files into the workspace and exfiltrate them through the file API. This issue is fixed in versions 3.7.1-alpha.2 and 3.7.1.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 07/10/2026

The SiYuan personal knowledge management system contains a critical path traversal vulnerability that affects versions prior to 3.7.1. This flaw exists within the globalCopyFiles API endpoint which processes POST requests to copy files from arbitrary locations. The vulnerability stems from insufficient validation of source file paths, specifically failing to properly sanitize absolute paths supplied by authenticated users. The system relies on a denylist mechanism implemented in kernel/util/path.go that is intentionally designed to prevent access to sensitive system locations, but this implementation contains significant gaps in its coverage. The missing entries in the denylist include common credential storage files such as .git-credentials, .netrc, .pgpass, .kube/config, .docker/config.json, and .gnupg, which are typically located within user home directories and contain sensitive authentication information. This oversight creates a pathway for authenticated attackers to bypass security controls and access critical credential files that would normally be protected by standard filesystem permissions.

The technical implementation of this vulnerability demonstrates a classic path traversal flaw where the system's authorization model is insufficiently robust against malicious path manipulation. When an authenticated administrator or API token user invokes the globalCopyFiles endpoint, they can specify absolute file paths that point to sensitive locations within the filesystem. The system's validation logic fails to recognize these specific credential files as requiring additional protection, allowing them to be copied into the application workspace where they become accessible through the file API. This creates a direct exfiltration vector for sensitive information including git credentials, network authentication details, postgres database passwords, kubernetes configuration files, docker registry credentials, and gpg keyring data. The vulnerability specifically affects systems where the application has sufficient privileges to read these credential files, which is typical in administrative contexts.

The operational impact of this vulnerability is severe as it enables authenticated attackers to systematically harvest sensitive information from compromised SiYuan installations. An attacker with administrative access or valid API tokens can enumerate and exfiltrate multiple types of credentials across different systems and services without requiring additional privileges or complex exploitation techniques. The threat actor can use this capability to gain persistent access to repositories, databases, container registries, cloud platforms, and other systems that rely on the stolen credentials. From a cybersecurity perspective, this vulnerability aligns with CWE-22 Path Traversal and CWE-798 Use of Hard-coded Credentials, while also demonstrating characteristics consistent with ATT&CK technique T1566.001 Phishing: Spearphishing Attachment, where attackers can extract credentials from systems they have already compromised through legitimate administrative access paths.

Organizations using SiYuan versions prior to 3.7.1 should immediately implement mitigations including upgrading to version 3.7.1 or later, which contains the necessary fixes for this vulnerability. The upgrade process should be prioritized as a critical security patch since it addresses an authenticated path traversal flaw that can lead to credential compromise across multiple systems and services. Additional defensive measures include implementing stricter file access controls within the application, enhancing monitoring of file copy operations, and reviewing existing API token permissions to minimize potential impact from compromised credentials. Security teams should also conduct thorough audits of credential storage locations within their SiYuan installations and implement automated detection mechanisms for unusual file copying activities that could indicate exploitation attempts. The fix implemented in versions 3.7.1-alpha.2 and 3.7.1 addresses the denylist gap by including the missing credential files, thereby preventing unauthorized access to these sensitive system resources through the affected API endpoint.

Responsible

GitHub M

Reservation

07/07/2026

Disclosure

07/10/2026

Moderation

accepted

CPE

ready

EPSS

0.00000

KEV

no

Activities

very low

Sources

Interested in the pricing of exploits?

See the underground prices here!