Cyber Posture

CVE-2026-32749

Severity: High · Public PoC

Published: 19 March 2026
Modified: 23 March 2026
KEV Added: not listed
Patch: available (fixed in SiYuan 3.6.1)
CVSS Score: 7.6 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:N)
EPSS Score: 0.0012 (30.2nd percentile)
Risk Priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Description

SiYuan is a personal knowledge management system. In versions 3.6.0 and below, POST /api/import/importSY and POST /api/import/importZipMd write uploaded archives to a path derived from the multipart filename field without sanitization, allowing an admin to write files to arbitrary locations outside the temp directory, including system paths that enable RCE. This can lead to data destruction by overwriting workspace or application files, and for Docker containers running as root (a common default) it grants full container compromise. This issue has been fixed in version 3.6.1.

Mitigating Controls (NIST 800-53 r5) [AI-generated]

- Prevent: Directly mitigates path traversal by requiring validation of uploaded multipart filenames to ensure they do not contain traversal sequences.
- Prevent: Requires timely remediation of the identified flaw through patching to version 3.6.1, eliminating the unsanitized path handling.
- Prevent: Limits damage from arbitrary file writes by enforcing least privilege on the application process, preventing overwrites to system paths even if traversal succeeds.
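The first control above (validate the multipart filename before using it in a path) is the kind of check an import handler needs. The Go example below is added here for illustration and is not SiYuan's code or its fix; `unsafeUploadPath` is a constructed stand-in for the weak pattern the advisory describes (joining the client-supplied name to the temp directory as-is), and `safeUploadPath` is one hardened form: accept only a bare file name, then confirm the joined result still lies inside the temp directory. The directory `/tmp/siyuan-import` and the file names are constructed sample values.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrUnsafeFilename is returned when a client-supplied filename must not be used.
var ErrUnsafeFilename = errors.New("unsafe upload filename")

// unsafeUploadPath shows the weak pattern the advisory describes (constructed
// illustration, not SiYuan's code): the multipart filename is joined to the
// import temp directory unchanged, so ".." segments walk out of tempDir.
func unsafeUploadPath(tempDir, filename string) string {
	return filepath.Join(tempDir, filename)
}

// safeUploadPath is the hardened replacement. It accepts only a bare file name
// (no separators, no "." or "..", no NUL byte) and then verifies that the
// joined result is still contained in tempDir before returning it.
func safeUploadPath(tempDir, filename string) (string, error) {
	// The client controls this field, so treat backslashes as separators too;
	// on Linux filepath.Join would otherwise keep `..\x` as one odd name.
	name := strings.ReplaceAll(filename, `\`, "/")
	if name == "" || strings.ContainsAny(name, "/\x00") {
		return "", ErrUnsafeFilename
	}
	if name == "." || name == ".." {
		return "", ErrUnsafeFilename
	}
	root, err := filepath.Abs(tempDir)
	if err != nil {
		return "", err
	}
	dest := filepath.Join(root, name)
	// Containment check: the path from root to dest must not start with "..".
	// This guard holds even if the name checks above are loosened later.
	rel, err := filepath.Rel(root, dest)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrUnsafeFilename
	}
	return dest, nil
}

func main() {
	tempDir := "/tmp/siyuan-import" // constructed example directory
	samples := []string{"notes.sy.zip", "../../outside/escaped.zip", `..\..\outside\escaped.zip`, ".."}
	for _, fn := range samples {
		fmt.Printf("%-30q unsafe=%-30s ", fn, unsafeUploadPath(tempDir, fn))
		if p, err := safeUploadPath(tempDir, fn); err != nil {
			fmt.Println("safe=rejected:", err)
		} else {
			fmt.Println("safe=", p)
		}
	}
}
```

Rejecting rather than "cleaning" the name is deliberate: a name containing separators or traversal segments is not a legitimate archive upload, and refusing it gives the server a clear event to log. The `filepath.Rel` containment check is the backstop that matters even if the name validation is later relaxed, and it is the complement of the least-privilege control above: the process should also lack write access to the application and system paths the advisory mentions.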

Security Summary [AI-generated]

CVE-2026-32749 is a path traversal vulnerability (CWE-22, CWE-73) affecting SiYuan, a personal knowledge management system, in versions 3.6.0 and below. The issue resides in the POST /api/import/importSY and POST /api/import/importZipMd endpoints, which write uploaded archives to paths derived directly from the multipart filename field without sanitization. This allows files to be placed in arbitrary locations outside the intended temporary directory, including sensitive system paths.

An authenticated administrator (PR:H) can exploit this vulnerability remotely (AV:N) with low complexity (AC:L) and no user interaction (UI:N), achieving a scope change (S:C). Successful exploitation enables arbitrary file writes, which can overwrite workspace or application files for data destruction, escalate to remote code execution (RCE) by targeting system paths, and fully compromise Docker containers running as root—a common default configuration. The CVSS v3.1 base score is 7.6, reflecting limited confidentiality impact (C:L), high integrity impact (I:H), and no availability impact (A:N).

The vulnerability has been addressed in SiYuan version 3.6.1. Security practitioners should upgrade to this patched release, as detailed in the GitHub security advisory (GHSA-qvvf-q994-x79v), release notes (v3.6.1), and fixing commit (5ee00907f0b0c4aca748ce21ef1977bb98178e14).

Details

CWE(s): CWE-22, CWE-73

Affected Products
- b3log / siyuan, ≤ 3.6.1

MITRE ATT&CK Enterprise Techniques [AI-generated]

- T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
- T1485 Data Destruction (Impact): Adversaries may destroy data and files on specific systems or in large numbers on a network to interrupt availability to systems, services, and network resources.

Why these techniques?

Path traversal in web API endpoints enables exploitation of a public-facing application (T1190). Arbitrary file writes facilitate data destruction via file overwrites (T1485).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0
