Loading market data...
← Back to CVE feed

CVE-2026-50551

CRITICAL CVSS 9.9 View on NVD ↗

Description

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan contains a stored cross-site scripting (XSS) vulnerability in the Attribute View (database) asset cell renderer that escalates to remote code execution (RCE) in the Electron desktop client. This vulnerability is fixed in 3.7.0.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Published: Jun 24, 2026 22:16 UTC Modified: Jun 25, 2026 14:16 UTC