{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T11:53:13.164","vulnerabilities":[{"cve":{"id":"CVE-2026-30869","sourceIdentifier":"security-advisories@github.com","published":"2026-03-10T17:40:14.380","lastModified":"2026-03-13T15:33:01.727","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"SiYuan is a personal knowledge management system. Prior to 3.5.10, a path traversal vulnerability in the /export endpoint allows an attacker to read arbitrary files from the server filesystem. By exploiting double‑encoded traversal sequences, an attacker can access sensitive files such as conf/conf.json, which contains secrets including the API token, cookie signing key, and workspace access authentication code. Leaking these secrets may enable administrative access to the SiYuan kernel API, and in certain deployment scenarios could potentially be chained into remote code execution (RCE). This vulnerability is fixed in 3.5.10."},{"lang":"es","value":"SiYuan es un sistema de gestión de conocimiento personal. Antes de la 3.5.10, una vulnerabilidad de salto de ruta en el endpoint /export permite a un atacante leer archivos arbitrarios del sistema de archivos del servidor. Al explotar secuencias de salto doblemente codificadas, un atacante puede acceder a archivos sensibles como conf/conf.json, que contiene secretos, incluyendo el token de la API, la clave de firma de cookies y el código de autenticación de acceso al espacio de trabajo. La filtración de estos secretos puede habilitar el acceso administrativo a la API del kernel de SiYuan, y en ciertos escenarios de despliegue podría potencialmente encadenarse en ejecución remota de código (RCE). Esta vulnerabilidad está corregida en la 3.5.10."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":4.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:b3log:siyuan:*:*:*:*:*:*:*:*","versionEndExcluding":"3.5.10","matchCriteriaId":"0E7B145F-4786-4534-B4D6-A947F4CD06FE"}]}]}],"references":[{"url":"https://github.com/siyuan-note/siyuan/security/advisories/GHSA-2h2p-mvfx-868w","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/siyuan-note/siyuan/security/advisories/GHSA-2h2p-mvfx-868w","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}}]}