CVE-2026-34453 Scanner

SiYuan is a note-taking application used by individuals and professionals to organize and manage their notes and documents securely. It is commonly utilized by users who prioritize privacy and secure document storage, often in personal, academic, or business settings. The application supports various features, including password protection for sensitive documents, making it a preferred choice for users who handle private information. SiYuan's structured and user-friendly interface allows users to create, categorize, and manage their documentation efficiently. SiYuan actively offers updates and support to ensure the application remains stable and secure against emerging threats. This application is compatible across multiple platforms, enhancing accessibility for its users.

The vulnerability identified in SiYuan is classified as an "Information Disclosure" vulnerability. This vulnerability arises from improper authorization checks in the application's publish service, particularly affecting the bookmark filtering feature. It allows unauthenticated visitors to access bookmarked blocks from password-protected documents. This means that users' sensitive information can potentially be exposed without their knowledge or consent. The vulnerability primarily impacts the confidentiality of the data, allowing outsiders to view content that should be protected. It is crucial for users to address this vulnerability to maintain the integrity and confidentiality of their protected documents.

The technical specifics of the vulnerability involve the failure of the SiYuan publish service to properly authenticate users attempting to access the bookmark feature. The endpoint '/api/bookmark/getBookmark' appears to be the focal point of this security gap, accepting POST requests and returning sensitive data without verifying user credentials. Furthermore, the application incorrectly processes these requests when using versions up to 3.6.1, providing access when certain conditions in the HTTP response are met (e.g., status code 200 with specific JSON body attributes like "code":0, "type":"bookmark", and presence of "blocks"). The unprotected access to this endpoint leads to accidental data leakage.

Exploiting this vulnerability can lead to significant security breaches, especially in environments where confidential information is stored. Unauthorized individuals could potentially retrieve and misuse sensitive data, resulting in privacy violations, identity theft, and unauthorized data distribution. Such breaches pose particular risks to businesses and individuals who rely on SiYuan for the secure storage of critical documentation, impacting both personal and organizational reputations. These security lapses might also invite further penetration attempts into the affected systems, exacerbating potential damage.

REFERENCES

• https://github.com/siyuan-note/siyuan/security/advisories/GHSA-c77m-r996-jr3q
• https://nvd.nist.gov/vuln/detail/CVE-2026-34453