CVE-2026-45375: Critical XSS in SiYuan Knowledge Management System

The National Vulnerability Database has disclosed CVE-2026-45375, a critical cross-site scripting (XSS) vulnerability affecting SiYuan, an open-source personal knowledge management system. This flaw, rated with a CVSS score of 9.0, stems from improper HTML escaping in the application’s Bazaar (community marketplace) feature. Specifically, the name and version fields within plugin.json (and similar configuration files for themes, templates, widgets, and icons) are rendered directly into the Settings → Marketplace UI without adequate sanitization.

Prior to version 3.7.0, SiYuan’s kernel-side helper sanitizePackageDisplayStrings failed to escape these particular fields, allowing malicious HTML to flow raw to the frontend. The frontend then substitutes these unescaped values into HTML template strings and assigns them to innerHTML. This means that simply opening the marketplace tab can trigger the execution of arbitrary HTML, leading to XSS. An attacker could craft a malicious plugin, theme, or template, and once a user views it in the marketplace, their browser would execute the embedded script, potentially leading to session hijacking, data exfiltration, or further client-side attacks.

This is a classic XSS flaw with a critical impact. Attackers can leverage the community marketplace as a vector for client-side compromise. Defenders must recognize that even seemingly benign fields like name and version can be weaponized if not properly sanitized. The fix is available in SiYuan version 3.7.0, which correctly addresses the escaping issue.
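To make the rendering path concrete, the following is an added example in JavaScript; it is not SiYuan's own code from kernel/bazaar/package.go or app/src/config/bazaar.ts. It models the flaw described above (manifest display strings substituted raw into an HTML template destined for innerHTML) beside the fix (escaping the fields before they reach the template). The field names `name` and `version` come from the advisory; the function names, the template markup and the manifest contents are assumptions constructed for the example.

```javascript
// Added example, not SiYuan's own code: models the marketplace rendering path
// (manifest display strings substituted into an HTML template that is then
// assigned to innerHTML) and the server-side escaping that fixes it.
// Names other than the `name`/`version` fields are assumptions.

// Escape the characters that change meaning in HTML text and attribute contexts.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Manifest fields the marketplace card shows as text. The advisory names
// `name` and `version`; extending this list is the natural hardening step.
const DISPLAY_FIELDS = ["name", "version"];

// Kernel-side style sanitizer (hypothetical reimplementation, not the Go
// original): returns a copy of the manifest with display strings escaped.
function sanitizePackageDisplayStrings(pkg) {
  const out = { ...pkg };
  for (const field of DISPLAY_FIELDS) {
    if (typeof out[field] === "string") out[field] = escapeHtml(out[field]);
  }
  return out;
}

// Vulnerable pattern: untrusted strings interpolated straight into markup.
// Whatever is in pkg.name / pkg.version is parsed as HTML once the result is
// assigned to innerHTML.
function renderCardUnsafe(pkg) {
  return `<div class="package-card"><h3>${pkg.name}</h3><span>${pkg.version}</span></div>`;
}

// Hardened pattern: escape before interpolating. The same template now shows
// the payload as literal text instead of parsing it as markup.
function renderCardSafe(pkg) {
  return renderCardUnsafe(sanitizePackageDisplayStrings(pkg));
}

// Regression check: does the produced markup contain any tag other than the
// ones the template itself emits? Strips the template's own tags first.
function hasInjectedTag(html) {
  const ownTags = /<\/?(div|h3|span)\b[^>]*>/g;
  return /<[a-zA-Z!\/]/.test(html.replace(ownTags, ""));
}

// Constructed test vector (not a real marketplace package): a benign probe
// whose event handler would run if the string were rendered as markup.
const maliciousManifest = {
  name: '<img src=x onerror="alert(1)">',
  version: "1.0.0<script>/* probe */</script>",
  author: "constructed",
};

// Stand-alone run: the unsafe card carries the payload, the safe one does not.
console.log("unsafe render has injected tag:", hasInjectedTag(renderCardUnsafe(maliciousManifest)));
console.log("safe render has injected tag:  ", hasInjectedTag(renderCardSafe(maliciousManifest)));
```

Escaping on the kernel side mirrors where the advisory places the fix; a frontend that also sets these values with textContent rather than innerHTML would close the same hole from the other end, and doing both is the defensive default for any string that originates in a community-contributed package.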

What This Means For You

  • If your organization or individual users rely on SiYuan for knowledge management, affected installations are exposed. Immediately update to version 3.7.0 or later to remediate CVE-2026-45375. Until patched, avoid opening the marketplace tab in SiYuan, as merely viewing a malicious package listing can trigger script execution. Because the vector is community-contributed packages, this is a supply-chain risk for anyone using SiYuan extensions.

🛡️ Detection Rules

Six detection rules were auto-generated for this advisory and mapped to MITRE ATT&CK; the Sigma YAML for the first is shown below. Note that its patterns are generic web-application exploitation indicators: the SiYuan vector is package metadata rendered by the client, so treat the rule as a complementary control rather than a specific detection for this CVE.

Rule: Web Application Exploitation Attempt — CVE-2026-45375 (level: high; ATT&CK T1190, Initial Access)

Sigma YAML:

title: Web Application Exploitation Attempt — CVE-2026-45375
id: scw-2026-05-14-1
status: experimental
level: high
description: |
  Detects common exploitation patterns targeting web applications. Review CVE-2026-45375 advisories for specific indicators.
author: SCW Feed Engine (auto-generated)
date: 2026-05-14
references:
  - https://shimiscyberworld.com/posts/nvd-CVE-2026-45375/
tags:
  - attack.initial_access
  - attack.t1190
logsource:
  category: webserver
detection:
  selection:
    cs-uri-query|contains:
      - '..'
      - 'SELECT'
      - 'UNION'
      - '<script'
      - 'cmd='
      - '/etc/passwd'
  condition: selection
falsepositives:
  - Legitimate requests whose query strings happen to contain these substrings

Source: Shimi's Cyber World

Indicators of Compromise

ID | Type | Indicator
CVE-2026-45375 | XSS | SiYuan personal knowledge management system < 3.7.0
CVE-2026-45375 | XSS | SiYuan Bazaar (community marketplace) UI
CVE-2026-45375 | XSS | Malicious HTML in 'name' or 'version' fields of plugin.json, theme.json, template.json, widget.json, or icon.json
CVE-2026-45375 | XSS | Vulnerable component: kernel/bazaar/package.go (sanitizePackageDisplayStrings) and app/src/config/bazaar.ts

Source & Attribution

Source Platform: NVD
Channel: National Vulnerability Database
Published: May 14, 2026 at 22:16 UTC

This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
