CVE

CVE-2026-30926

SiYuan Note publish service authorization bypass allows low-privilege users to modify notebook content

CVE

CVE-2026-30926

SiYuan Note publish service authorization bypass allows low-privilege users to modify notebook content

SiYuan is a personal knowledge management system. Prior to 3.5.10, a privilege escalation vulnerability exists in the publish service of SiYuan Note that allows low-privilege publish accounts (RoleReader) to modify notebook content via the /api/block/appendHeadingChildren API endpoint. The endpoint requires only the model.CheckAuth role, which accepts RoleReader sessions, but it does not enforce stricter checks, such as CheckAdminRole or CheckReadonly. This allows remote authenticated publish users with read-only privileges to append new blocks to existing documents, compromising the integrity of stored notes.

Package Versions Affected

No items found.

Automatically patch vulnerabilities without upgrading

Fix Without Upgrading

Detect compatible fix

Apply safe remediation

Fix with a single pull request

CVSS Version

7.1

3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

Related Resources

No items found.

References

https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/30xxx/CVE-2026-30926.json, https://github.com/siyuan-note/siyuan/security/advisories/GHSA-f9cq-v43p-v523, https://nvd.nist.gov/vuln/detail/CVE-2026-30926

Severity

7.1

CVSS Score

Basic Information

Ecosystem

Base CVSS

7.1

EPSS Probability

0.00017%

EPSS Percentile

0.04058%

Introduced Version

Fix Available

297bd526708fcbd6f2657b06098f6dfdc0076c19

Fix Critical Vulnerabilities Instantly

Secure your app without upgrading.

Fix Without Upgrading

Get a Demo

Let's Patch It!

CVE-2026-30926

CVE-2026-30926

Package Versions Affected

Automatically patch vulnerabilities without upgrading

CVSS Version

Related Resources

References

Severity

7.1

Basic Information

Fix Critical Vulnerabilities Instantly