Vulnerabilidades en siyuan-note
67 resultadosCVE-2026-45148MEDIUMSiYuan: Broken access control in SiYuan publish-mode Readers can enumerate metadataEPSS 0.2%CVE-2026-45371HIGHSiYuan: SiYuan publish-mode Reader can mutate Conf and SQL index via 8 ungated APIsEPSS 0.2%CVE-2026-25647MEDIUMLute has a Stored Cross-Site Scripting (XSS) via Markdown hyperlinkEPSS 0.2%CVE-2025-68948MEDIUMSiYuan: Information Disclosure and Authentication Bypass via Hardcoded Session SecretEPSS 0.2%CVE-2026-54070HIGHSiYuan: Stored XSS in Bazaar marketplace via package README event handlersEPSS 0.2%CVE-2026-45147MEDIUMSiYuan: Broken access control in SiYuan `/api/tag/getTag` — Reader role can mutate `Conf.Tag.Sort` and persist to diskEPSS 0.2%CVE-2026-41421HIGHSiYuan Desktop Notification XSS Leads to Electron RCEEPSS 0.1%