{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-33669", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-23T16:34:59.929Z", "datePublished": "2026-03-26T21:14:43.408Z", "dateUpdated": "2026-03-27T20:26:40.149Z"}, "containers": {"cna": {"title": "SiYuan has Arbitrary Document Reading within the Publishing Service", "problemTypes": [{"descriptions": [{"cweId": "CWE-125", "lang": "en", "description": "CWE-125: Out-of-bounds Read", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-34xj-66v3-6j83", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-34xj-66v3-6j83"}], "affected": [{"vendor": "siyuan-note", "product": "siyuan", "versions": [{"version": "< 3.6.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-26T21:14:43.408Z"}, "descriptions": [{"lang": "en", "value": "SiYuan is a personal knowledge management system. Prior to version 3.6.2, document IDs were retrieved via the /api/file/readDir interface, and then the /api/block/getChildBlocks interface was used to view the content of all documents. Version 3.6.2 patches the issue."}], "source": {"advisory": "GHSA-34xj-66v3-6j83", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-27T20:26:31.368565Z", "id": "CVE-2026-33669", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-27T20:26:40.149Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-33669", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-27T20:26:31.368565Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-27T20:26:36.991Z"}}], "cna": {"title": "SiYuan has Arbitrary Document Reading within the Publishing Service", "source": {"advisory": "GHSA-34xj-66v3-6j83", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "siyuan-note", "product": "siyuan", "versions": [{"status": "affected", "version": "< 3.6.2"}]}], "references": [{"url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-34xj-66v3-6j83", "name": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-34xj-66v3-6j83", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "SiYuan is a personal knowledge management system. Prior to version 3.6.2, document IDs were retrieved via the /api/file/readDir interface, and then the /api/block/getChildBlocks interface was used to view the content of all documents. Version 3.6.2 patches the issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-26T21:14:43.408Z"}}}, "cveMetadata": {"cveId": "CVE-2026-33669", "state": "PUBLISHED", "dateUpdated": "2026-03-27T20:26:40.149Z", "dateReserved": "2026-03-23T16:34:59.929Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-26T21:14:43.408Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:b3log:siyuan:*:*:*:*:*:*:*:*", "matchCriteriaId": "27CB71A7-7208-417A-AE6D-266D57F683E9", "versionEndExcluding": "3.6.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "SiYuan is a personal knowledge management system. Prior to version 3.6.2, document IDs were retrieved via the /api/file/readDir interface, and then the /api/block/getChildBlocks interface was used to view the content of all documents. Version 3.6.2 patches the issue."}, {"lang": "es", "value": "SiYuan es un sistema de gesti\u00f3n de conocimiento personal. Antes de la versi\u00f3n 3.6.2, los ID de los documentos se recuperaban a trav\u00e9s de la interfaz /API/file/readDir, y luego se utilizaba la interfaz /API/block/getChildBlocks para ver el contenido de todos los documentos. La versi\u00f3n 3.6.2 corrige el problema."}], "id": "CVE-2026-33669", "lastModified": "2026-03-30T17:03:33.350", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-03-26T22:16:29.887", "references": [{"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-34xj-66v3-6j83"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,3.6.2)"}}], "enrichment": {"confidence": 84.0, "confidence_source": "matching", "scores": [{"score": 84.0, "source": "matching"}]}, "original": {"product": "siyuan", "source": "cna", "vendor": "siyuan-note"}, "product": "siyuan", "vendor": "siyuan"}], "analysis": {"en": {"generated_at": "2026-03-30T18:28:58.435057+00:00", "value": {"mitigation_remediation": ["Upgrade SiYuan to version 3.6.2 or later."], "summary": {"action": "Immediate Patch", "impact": "Arbitrary Document Reading"}, "threat_synthesis": {"affected_systems": "This flaw affects SIYUAN products by the vendor siyuan-note, specifically the siyuan application. Versions older than 3.6.2 are vulnerable as they use the flawed API chain. The official CPE mapping indicates cpe:2.3:a:b3log:siyuan:*:*:*:*:*:*:*:*. Users deploying any SIYUAN instance before the 3.6.2 release need to verify their version and upgrade if required.", "description_and_impact": "SiYuan, a personal knowledge management system, contains an API flaw that permits attackers to read any stored document without authorization. The vulnerability lies in how the /api/file/readDir endpoint retrieves document IDs and how /api/block/getChildBlocks then returns the content of each document. Because the system does not enforce proper access controls, an attacker could extract confidential information from any user\u2019s documents. The weakness is classified as CWE-125, reflecting improper bounds checking for reading data.", "risk_and_exploitability": "The CVSS score of 9.8 marks this issue as critical, indicating full compromise of confidentiality. The EPSS score is below 1%, suggesting a low current exploitation probability, and the vulnerability is not listed in CISA's KEV catalog. The likely attack vector is remote via the publishing service\u2019s exposed APIs; an unauthenticated attacker could invoke the API endpoints to enumerate and extract all documents. The exploitation path requires no special privileges, making the risk significant for organizations relying on SIYUAN for private knowledge storage."}}}}, "created": "2026-03-27T08:31:45.633197+00:00", "updated": "2026-03-30T20:57:23.344423+00:00", "vendors": ["siyuan", "siyuan$PRODUCT$siyuan"]}