Recent Advisories
| Severity | ID | Title | Vendor | Product | Date | Type |
|---|---|---|---|---|---|---|
| MEDIUM 5.9 | CVE-2026-54068 |
SiYuan: Unauthenticated SQLite Data Exfiltration via Template Injection in /api/icon/getDynamicIcon_CVE-2026-54068SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the /api/icon/getDynamicIcon endpoint is explicitly excluded from au... |
siyuan-note | siyuan < 3.7.0 | CVE | |
| CRITICAL 9.9 | CVE-2026-54067 |
SiYuan: Stored XSS to RCE via CSS-snippet |