CVE

CVE-2026-30869

SiYuan has a Path Traversal in /export Endpoint Allows Arbitrary File Read and Secret Leakage

CVE

CVE-2026-30869

SiYuan has a Path Traversal in /export Endpoint Allows Arbitrary File Read and Secret Leakage

SiYuan is a personal knowledge management system. Prior to 3.5.10, a path traversal vulnerability in the /export endpoint allows an attacker to read arbitrary files from the server filesystem. By exploiting double‑encoded traversal sequences, an attacker can access sensitive files such as conf/conf.json, which contains secrets including the API token, cookie signing key, and workspace access authentication code. Leaking these secrets may enable administrative access to the SiYuan kernel API, and in certain deployment scenarios could potentially be chained into remote code execution (RCE). This vulnerability is fixed in 3.5.10.

Package Versions Affected

No items found.

Automatically patch vulnerabilities without upgrading

Fix Without Upgrading

Detect compatible fix

Apply safe remediation

Fix with a single pull request

CVSS Version

9.3

3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L

3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L

Related Resources

No items found.

References

https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/30xxx/CVE-2026-30869.json, https://github.com/siyuan-note/siyuan/security/advisories/GHSA-2h2p-mvfx-868w, https://nvd.nist.gov/vuln/detail/CVE-2026-30869

Severity

9.3

CVSS Score

Basic Information

Ecosystem

Base CVSS

9.3

EPSS Probability

0.00273%

EPSS Percentile

0.50928%

Introduced Version

Fix Available

297bd526708fcbd6f2657b06098f6dfdc0076c19

Fix Critical Vulnerabilities Instantly

Secure your app without upgrading.

Fix Without Upgrading

Get a Demo

Let's Patch It!

CVE-2026-30869

CVE-2026-30869

Package Versions Affected

Automatically patch vulnerabilities without upgrading

CVSS Version

Related Resources

References

Severity

9.3

Basic Information

Fix Critical Vulnerabilities Instantly