SiYuan Path Traversal: Arbitrary File Deletion Exposes Core Configuration
The National Vulnerability Database has disclosed CVE-2026-40318, a critical path traversal vulnerability in SiYuan, an open-source personal knowledge management system. Affecting versions 3.6.3 and prior, this flaw allows authenticated attackers to delete arbitrary .json files on the server, including global configuration and workspace metadata. With a CVSS score of 8.5 (HIGH), this isn’t just a minor annoyance; it’s a direct route to system instability and data loss.
The core issue lies within the /api/av/removeUnusedAttributeView endpoint. As the National Vulnerability Database details, this endpoint constructs a filesystem path using the id parameter, which is user-controlled. Crucially, there’s no validation or path boundary enforcement. This means an attacker can inject path traversal sequences like ../ into the id value, effectively escaping the intended directory.
From an attacker’s perspective, this is a goldmine. Deleting configuration files isn’t about data exfiltration; it’s about denial of service and system sabotage. Imagine taking down an organization’s entire knowledge base or corrupting critical operational settings simply by deleting a few key .json files. This can halt operations, force extensive recovery efforts, and potentially lead to data integrity issues if backups are not robust or recent.
While the CVSS vector AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H indicates that only low privileges are needed and no user interaction is required, the impact on availability (A:H) is severe. The C:N (no confidentiality impact) and I:L (low integrity impact) might seem reassuring, but don’t be fooled. Corrupting configuration is an integrity impact, even if it’s not data modification in the traditional sense. It’s about breaking the system’s operational integrity.
For defenders, this is a stark reminder of the dangers of unchecked user input. Any endpoint that interacts with the filesystem, especially when constructing paths based on client-supplied data, must implement stringent validation and canonicalization. Input sanitization is not optional; it’s foundational security. This isn’t a complex exploit; it’s a classic path traversal, and its persistence in applications underscores a fundamental failing in secure development practices.
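As an added illustration, not code from SiYuan or from the advisory, the Go helper below applies the validation and canonicalization this paragraph calls for when a client-supplied id is mapped to a .json file on disk. The base directory, the id character set and the sample ids are assumptions chosen for the example.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"regexp"
	"strings"
)

// errUnsafeID is returned when a client-supplied id would escape the
// attribute-view directory or contains characters an id never needs.
var errUnsafeID = errors.New("unsafe attribute view id")

// idPattern is an allow-list for ids. The character set is an assumption
// for this example, not SiYuan's actual id format.
var idPattern = regexp.MustCompile(`^[A-Za-z0-9_-]{1,64}$`)

// ResolveAttributeViewPath maps a client-supplied id to a .json file under
// baseDir with two independent controls: an allow-list on the id and a
// boundary check on the canonicalized result.
func ResolveAttributeViewPath(baseDir, id string) (string, error) {
	// Control 1: reject anything that is not a plain identifier. This alone
	// blocks "../", absolute paths and embedded separators.
	if !idPattern.MatchString(id) {
		return "", errUnsafeID
	}
	base, err := filepath.Abs(baseDir)
	if err != nil {
		return "", err
	}
	// Control 2: canonicalize the joined path and confirm it is still inside
	// base, so the check holds even if the allow-list is loosened later.
	target := filepath.Clean(filepath.Join(base, id+".json"))
	rel, err := filepath.Rel(base, target)
	if err != nil || rel == ".." || filepath.IsAbs(rel) ||
		strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", errUnsafeID
	}
	return target, nil
}

func main() {
	// "/srv/kb/av" and both ids are constructed sample values.
	for _, id := range []string{"20240101120000-abcdefg", "../../conf/conf"} {
		p, err := ResolveAttributeViewPath("/srv/kb/av", id)
		fmt.Printf("id=%q -> path=%q err=%v\n", id, p, err)
	}
}
```

The second control is the one a reviewer should insist on: it turns a "did we sanitize the string" question into a "is the final path inside the directory" question, which is checkable regardless of how the id was encoded.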
CISOs need to emphasize secure coding practices, particularly around file operations and input validation. Automated static and dynamic analysis tools should flag these types of vulnerabilities immediately. Furthermore, organizations using SiYuan should prioritize patching to version 3.6.4 or later. If immediate patching isn’t possible, consider network-level restrictions or WAF rules to block path traversal sequences in relevant API endpoints as a temporary mitigation, though this is a bandage, not a fix.
What This Means For You
- If your organization uses SiYuan, **you are exposed to arbitrary file deletion**. Immediately verify your SiYuan version. If it's 3.6.3 or prior, **patch to version 3.6.4 or later NOW**. Audit your SiYuan server logs for any unusual file deletion attempts or API calls to `/api/av/removeUnusedAttributeView` with suspicious `id` parameters. This vulnerability can lead to critical system outages.
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-40318 | Path Traversal | SiYuan versions 3.6.3 and prior |
| CVE-2026-40318 | Path Traversal | Vulnerable endpoint: /api/av/removeUnusedAttributeView |
| CVE-2026-40318 | Path Traversal | Vulnerable parameter: id (user-controlled, used in filesystem path) |
| CVE-2026-40318 | Path Traversal | Impact: Deletion of arbitrary .json files |