CVE-2026-54068: Unauthenticated Server-Side Template Injection and SQLite Exfiltration in SiYuan PKM
Vulnerability ID: CVE-2026-54068
CVSS Score: 5.9
Published: 2026-07-10
An authentication bypass in the SiYuan personal knowledge management system before version 3.7.0 exposes a dynamic icon rendering endpoint. This endpoint processes client-supplied Go template directives. By submitting a crafted request, an unauthenticated remote attacker can leverage registered database template functions to execute arbitrary read-only SQL queries and exfiltrate workspace contents.
TL;DR
An unauthenticated API endpoint in SiYuan PKM before 3.7.0 evaluates user-controlled input using the Go template engine. Remote attackers can leverage registered SQL helper functions to query the underlying SQLite database and exfiltrate notes, credentials, and system metadata.
⚠️ Exploit Status: POC
Technical Details
- CWE ID: CWE-306
- Attack Vector: Network (AV:N)
- CVSS Score: 5.9 (Medium)
- EPSS Score: 0.00239 (Percentile Rank: 14.92%)
- Impact: High Confidentiality Leakage
- Exploit Status: Proof-of-Concept
- KEV Status: Not Listed
Affected Systems
- SiYuan Open-Source Personal Knowledge Management System
-
siyuan: < 3.7.0 (Fixed in:
3.7.0)
Code Analysis
Commit: 27e0051
Move /api/icon/getDynamicIcon to authenticated group
Mitigation Strategies
- Upgrade SiYuan to version 3.7.0 or newer.
- Restrict network access to the SiYuan API and web UI using reverse proxies or firewall ACLs.
- Monitor HTTP access logs for requests containing the .action parameter targeting /api/icon/getDynamicIcon.
Remediation Steps:
- Verify the running version of SiYuan using the version endpoint or the application UI.
- Update the Docker image or localized installation to version 3.7.0.
- Restart the service and confirm that accessing /api/icon/getDynamicIcon without an authorization header yields an HTTP 401 Unauthorized response.
References
Read the full report for CVE-2026-54068 on our website for more details including interactive diagrams and full exploit analysis.
Top comments (0)