Cyber Posture

CVE-2026-39846

Critical · Public PoC

Published: 07 April 2026
Modified: 16 April 2026
KEV Added
Patch
CVSS Score: 9.0 (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H)
EPSS Score: 0.0015 (35.8th percentile)
Risk Priority: 18 (60% EPSS · 20% KEV · 20% CVSS)

Description

SiYuan is a personal knowledge management system. Prior to 3.6.4, a malicious note synced to another user can trigger remote code execution in the SiYuan Electron desktop client. The root cause is that table caption content is stored without safe escaping and later unescaped into rendered HTML, creating a stored XSS sink. Because the desktop renderer runs with nodeIntegration enabled and contextIsolation disabled, attacker-controlled JavaScript executes with access to Node.js APIs. In practice, an attacker can import a crafted note into a synced workspace, wait for the victim to sync, and achieve code execution when the victim opens the note. This vulnerability is fixed in 3.6.4.

Mitigating Controls (NIST 800-53 r5) · AI

prevent: Directly mitigates the storage of table caption content without safe escaping by validating and sanitizing inputs to prevent creation of the stored XSS sink.

prevent: Prevents the unescaping of stored content into rendered HTML by filtering outputs, blocking XSS payload execution in the renderer.

prevent: Enforces secure Electron configuration settings such as disabling nodeIntegration and enabling contextIsolation to block XSS escalation to Node.js RCE.
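The three controls above are two layers: encode caption text at the render boundary (never unescape stored content into markup), and run the Electron renderer without Node.js reach so a DOM XSS cannot become RCE. The following is an added example, not SiYuan project code; it is plain Node.js so it runs without Electron, and the function names (escapeHtml, renderCaptionUnsafe, renderCaptionSafe, auditWebPreferences) and the sample caption are this example's own. The webPreferences keys are real Electron BrowserWindow options; the object holding them is constructed here.

```javascript
// Added example (not from the SiYuan project). Demonstrates the output-encoding
// fix for a table-caption sink and a config audit for the Electron renderer.

const ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the five HTML-significant characters so text lands in markup as text.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (c) => ESCAPES[c]);
}

// Reverse of escapeHtml. Applying this to content right before it is inserted
// into the DOM is the pattern the advisory describes as the stored XSS sink.
function unescapeHtml(text) {
  return String(text)
    .replace(/&lt;/g, '<')
    .replace(/&gt;/g, '>')
    .replace(/&quot;/g, '"')
    .replace(/&#39;/g, "'")
    .replace(/&amp;/g, '&');
}

// Flawed flow (models the description): stored caption is unescaped on render,
// so whatever a note author typed becomes live HTML in the renderer.
function renderCaptionUnsafe(storedCaption) {
  return `<caption>${unescapeHtml(storedCaption)}</caption>`;
}

// Fixed flow: the caption is encoded at the render boundary, every time,
// regardless of how it was stored or where the note came from (sync included).
function renderCaptionSafe(caption) {
  return `<caption>${escapeHtml(caption)}</caption>`;
}

// Electron renderer hardening: webPreferences a desktop client should ship.
// With these set, a script that does reach the DOM has no Node.js APIs to call.
// (Constructed here; the key names are Electron BrowserWindow options.)
const hardenedWebPreferences = {
  nodeIntegration: false,
  contextIsolation: true,
  sandbox: true,
  webSecurity: true,
};

// Config audit: list explicit settings that would let a DOM XSS escalate.
// Only explicit values are flagged; the safe defaults of current Electron are
// fine, but an explicit override of them is exactly what this CVE relied on.
function auditWebPreferences(prefs) {
  const findings = [];
  if (prefs.nodeIntegration === true) findings.push('nodeIntegration enabled');
  if (prefs.contextIsolation === false) findings.push('contextIsolation disabled');
  if (prefs.sandbox === false) findings.push('renderer sandbox disabled');
  if (prefs.webSecurity === false) findings.push('webSecurity disabled');
  return findings;
}

// Constructed sample caption containing markup-significant characters.
const sampleCaption = 'Q3 "Results" & <notes>';
console.log(renderCaptionSafe(sampleCaption));
console.log(auditWebPreferences({ nodeIntegration: true, contextIsolation: false }));
```

Running the block prints the encoded caption and two findings for the weak configuration described in this advisory; the hardened object yields none. The point of the audit helper is that both renderer settings are independent: contextIsolation without nodeIntegration still matters for preload-script exposure, so a review should flag each one on its own.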

Security Summary · AI

CVE-2026-39846 is a remote code execution vulnerability in the SiYuan personal knowledge management system, specifically affecting the Electron desktop client versions prior to 3.6.4. The issue stems from table caption content being stored without proper safe escaping and later unescaped into rendered HTML, resulting in a stored cross-site scripting (XSS) sink (CWE-79). Due to the desktop renderer operating with nodeIntegration enabled and contextIsolation disabled, attacker-controlled JavaScript gains access to Node.js APIs, escalating the XSS into arbitrary code execution (CWE-94).

An attacker with low privileges (PR:L) in a shared workspace can exploit this by importing a malicious note. When a victim user syncs the workspace and opens the note, user interaction (UI:R) triggers the payload, enabling network-accessible (AV:N) execution in a changed scope (S:C) with high confidentiality, integrity, and availability impacts (C:H/I:H/A:H). This allows full system compromise on the victim's machine.

The GitHub Security Advisory (GHSA-phhp-9rm9-6gr2) confirms the vulnerability is fixed in SiYuan version 3.6.4, recommending users update to this release for mitigation.

Details

CWE(s)

Affected Products

b3log
siyuan
≤ 3.6.4

MITRE ATT&CK Enterprise Techniques · AI

T1203 Exploitation for Client Execution (tactic: Execution)
Adversaries may exploit software vulnerabilities in client applications to execute code.
T1080 Taint Shared Content (tactic: Lateral Movement)
Why these techniques?

The vulnerability is a stored XSS in the Electron desktop client leading to RCE via Node.js APIs when victims open a malicious note in a shared workspace, directly enabling Exploitation for Client Execution (T1203) and Taint Shared Content (T1080).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References