{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T02:50:39.816","vulnerabilities":[{"cve":{"id":"CVE-2026-33476","sourceIdentifier":"security-advisories@github.com","published":"2026-03-20T23:16:48.137","lastModified":"2026-03-23T22:16:31.057","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SiYuan is a personal knowledge management system. Prior to version 3.6.2, the SiYuan kernel exposes an unauthenticated file-serving endpoint under `/appearance/*filepath`. Due to improper path sanitization, a remote attacker can perform directory traversal through this endpoint and read arbitrary files readable by the server process. The kernel's authentication checks explicitly exclude this endpoint, so exploitation requires no valid credentials. Version 3.6.2 fixes this issue."},{"lang":"es","value":"SiYuan es un sistema de gestión de conocimiento personal. Antes de la versión 3.6.2, el kernel de SiYuan expone un endpoint de servicio de archivos no autenticado bajo `/appearance/*filepath`. Debido a una sanitización de ruta inadecuada, un atacante remoto puede realizar salto de directorio a través de este endpoint y leer archivos arbitrarios legibles por el proceso del servidor. Las comprobaciones de autenticación del kernel excluyen explícitamente este endpoint, por lo que la explotación no requiere credenciales válidas. La versión 3.6.2 corrige este problema."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"},{"lang":"en","value":"CWE-73"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:b3log:siyuan:*:*:*:*:*:*:*:*","versionEndExcluding":"3.6.2","matchCriteriaId":"27CB71A7-7208-417A-AE6D-266D57F683E9"}]}]}],"references":[{"url":"https://github.com/siyuan-note/siyuan/commit/009bb598b3beccc972aa5f1ed88b3b224326bf2a","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/siyuan-note/siyuan/security/advisories/GHSA-hhgj-gg9h-rjp7","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/siyuan-note/siyuan/security/advisories/GHSA-hhgj-gg9h-rjp7","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}}]}