{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-40107", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-04-09T01:41:38.536Z", "datePublished": "2026-04-09T21:03:58.572Z", "dateUpdated": "2026-04-10T18:12:28.538Z"}, "containers": {"cna": {"title": "SiYuan Affected by Zero-Click NTLM Hash Theft and Blind SSRF via Mermaid Diagram Rendering", "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "lang": "en", "description": "CWE-918: Server-Side Request Forgery (SSRF)", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-w95v-4h65-j455", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-w95v-4h65-j455"}], "affected": [{"vendor": "siyuan-note", "product": "siyuan", "versions": [{"version": "< 3.6.4", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-09T21:03:58.572Z"}, "descriptions": [{"lang": "en", "value": "SiYuan is a personal knowledge management system. Prior to 3.6.4, SiYuan configures Mermaid.js with securityLevel: \"loose\" and htmlLabels: true. In this mode, <img> tags with src attributes survive Mermaid's internal DOMPurify and land in SVG <foreignObject> blocks. The SVG is injected via innerHTML with no secondary sanitization. When a victim opens a note containing a malicious Mermaid diagram, the Electron client fetches the URL. On Windows, a protocol-relative URL (//attacker.com/image.png) resolves as a UNC path (\\\\attacker.com\\image.png). Windows attempts SMB authentication automatically, sending the victim's NTLMv2 hash to the attacker. This vulnerability is fixed in 3.6.4."}], "source": {"advisory": "GHSA-w95v-4h65-j455", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-10T18:12:18.595543Z", "id": "CVE-2026-40107", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-10T18:12:28.538Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-40107", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-10T18:12:18.595543Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-10T18:12:24.352Z"}}], "cna": {"title": "SiYuan Affected by Zero-Click NTLM Hash Theft and Blind SSRF via Mermaid Diagram Rendering", "source": {"advisory": "GHSA-w95v-4h65-j455", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.7, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:N", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "HIGH"}}], "affected": [{"vendor": "siyuan-note", "product": "siyuan", "versions": [{"status": "affected", "version": "< 3.6.4"}]}], "references": [{"url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-w95v-4h65-j455", "name": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-w95v-4h65-j455", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "SiYuan is a personal knowledge management system. Prior to 3.6.4, SiYuan configures Mermaid.js with securityLevel: \"loose\" and htmlLabels: true. In this mode, <img> tags with src attributes survive Mermaid's internal DOMPurify and land in SVG <foreignObject> blocks. The SVG is injected via innerHTML with no secondary sanitization. When a victim opens a note containing a malicious Mermaid diagram, the Electron client fetches the URL. On Windows, a protocol-relative URL (//attacker.com/image.png) resolves as a UNC path (\\\\attacker.com\\image.png). Windows attempts SMB authentication automatically, sending the victim's NTLMv2 hash to the attacker. This vulnerability is fixed in 3.6.4."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918: Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-09T21:03:58.572Z"}}}, "cveMetadata": {"cveId": "CVE-2026-40107", "state": "PUBLISHED", "dateUpdated": "2026-04-10T18:12:28.538Z", "dateReserved": "2026-04-09T01:41:38.536Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-09T21:03:58.572Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:b3log:siyuan:*:*:*:*:*:*:*:*", "matchCriteriaId": "3951F8B9-C26F-4A2E-98FB-F744EB1F67B8", "versionEndExcluding": "3.6.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "SiYuan is a personal knowledge management system. Prior to 3.6.4, SiYuan configures Mermaid.js with securityLevel: \"loose\" and htmlLabels: true. In this mode, <img> tags with src attributes survive Mermaid's internal DOMPurify and land in SVG <foreignObject> blocks. The SVG is injected via innerHTML with no secondary sanitization. When a victim opens a note containing a malicious Mermaid diagram, the Electron client fetches the URL. On Windows, a protocol-relative URL (//attacker.com/image.png) resolves as a UNC path (\\\\attacker.com\\image.png). Windows attempts SMB authentication automatically, sending the victim's NTLMv2 hash to the attacker. This vulnerability is fixed in 3.6.4."}], "id": "CVE-2026-40107", "lastModified": "2026-04-16T20:28:02.423", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-09T21:16:12.123", "references": [{"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-w95v-4h65-j455"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,3.6.4)"}}], "enrichment": {"confidence": 84.0, "confidence_source": "matching", "scores": [{"score": 84.0, "source": "matching"}]}, "original": {"product": "siyuan", "source": "cna", "vendor": "siyuan-note"}, "product": "siyuan", "vendor": "siyuan"}], "analysis": {"en": {"generated_at": "2026-04-09T22:52:48.918849+00:00", "value": {"mitigation_remediation": ["Upgrade SiYuan to version 3.6.4 or later."], "summary": {"action": "Patch", "impact": "Credential Theft via NTLM Hash Theft"}, "threat_synthesis": {"affected_systems": "The issue affects the SiYuan application version 3.6.3 and earlier. The vulnerable component is the Electron client running on Windows operating systems. The affected environment includes any user who opens a note containing a Mermaid diagram with an image reference that can resolve to a UNC path. The vendor product is Siyuan-Note Siyuan.", "description_and_impact": "SiYuan, a personal knowledge management system, allows Mermaid diagrams to be rendered with settings that enable HTML labels and a \u2018loose\u2019 security level. In this configuration <img> tags can escape the internal DOMPurify filter and end up inside SVG foreignObject blocks. The SVG content is injected into the page using innerHTML without additional sanitization, leading to a zero\u2011click vulnerability. When a user opens a note containing a malicious Mermaid diagram, the Electron client automatically fetches the image URL. On Windows, a protocol\u2011relative URL such as //attacker.com/image.png resolves to a UNC path, which triggers SMB authentication and causes Windows to send the victim\u2019s NTLMv2 hash to the target. The attacker can capture this credential and later use it in pass\u2011the\u2011hash attacks or other credential\u2011based exploitation scenarios.", "risk_and_exploitability": "The CVSS score for this vulnerability is 8.7, indicating high severity. While an EPSS score is not provided, the zero\u2011click nature and the ability to exfiltrate NTLM hashes without user interaction suggest a high likelihood of exploitation in environments where users work with potentially untrusted content. The vulnerability is not currently listed in the CISA KEV catalog. Attacks require only the user to open a malicious note; no additional permissions or input are necessary beyond normal use of the application."}}}}, "created": "2026-04-10T08:38:21.395445+00:00", "updated": "2026-04-10T09:29:05.385056+00:00", "vendors": ["siyuan", "siyuan$PRODUCT$siyuan"]}