Description

SiYuan is a personal knowledge management system. In versions 3.6.0 and below, POST /api/import/importSY and POST /api/import/importZipMd write uploaded archives to a path derived from the multipart filename field without sanitization, allowing an admin to write files to arbitrary locations outside the temp directory - including system paths that enable RCE. This can lead to aata destruction by overwriting workspace or application files, and for Docker containers running as root (common default), this grants full container compromise. This issue has been fixed in version 3.6.1.

INFO

Published Date :

2026-03-19T21:07:57.841Z

Last Modified :

2026-03-20T20:18:05.496Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-32749 vulnerability.

Vendors Products
Siyuan
  • Siyuan
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-32749.

URL Resource
https://github.com/siyuan-note/siyuan/commit/5ee00907f0b0c4aca748ce21ef1977bb98178e14 cve-icon cve-icon
https://github.com/siyuan-note/siyuan/releases/tag/v3.6.1 cve-icon cve-icon
https://github.com/siyuan-note/siyuan/security/advisories/GHSA-qvvf-q994-x79v cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact