CVE-2026-32938

SiYuan · SiYuan

SiYuan versions 3.6.0 and below are vulnerable to path traversal and sensitive file exfiltration via improper validation of file:// links in pasted HTML.

Executive summary

The SiYuan knowledge management system is vulnerable to sensitive file exfiltration: an attacker can cause local files to be copied and read via crafted HTML content.

Vulnerability

The /api/lute/html2BlockDOM endpoint fails to validate file:// links in pasted HTML against a sensitive-path list. When a user pastes HTML containing such a link, the system can be tricked into copying the referenced local file into the workspace assets directory, from which it can then be retrieved by an authenticated visitor via the GET /assets/*path endpoint.
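The defensive check the advisory says is missing, shown as an added example in Go (SiYuan's own language); this is illustrative code written for this page, not SiYuan's or lute's implementation. It parses each file:// href found in pasted HTML, percent-decodes and normalises the path so that `..` and encoded dot segments cannot slip past, rejects anything under a sensitive-path deny list, and additionally requires the path to sit under an explicit allow-list of roots. The deny list, the allowed roots and the sample HTML are constructed for the example; a real deployment would derive them from its host layout.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"path"
	"regexp"
	"strings"
)

// SensitivePrefixes is a constructed deny list for this example; a real
// deployment would maintain its own list of paths that must never be
// copied into the assets directory.
var SensitivePrefixes = []string{"/etc", "/root", "/home", "/proc", "/var/log"}

// ValidateFileLink decides whether the local file referenced by a file://
// href may be copied into the workspace assets directory. It returns the
// cleaned absolute path when the link is acceptable, or an error otherwise.
func ValidateFileLink(href string, allowedRoots, denied []string) (string, error) {
	u, err := url.Parse(href)
	if err != nil {
		return "", err
	}
	if !strings.EqualFold(u.Scheme, "file") {
		return "", errors.New("not a file:// link")
	}
	// file://host/... with a non-local host must not be treated as a local path.
	if u.Host != "" && !strings.EqualFold(u.Host, "localhost") {
		return "", fmt.Errorf("unexpected host %q in file URL", u.Host)
	}
	// u.Path is already percent-decoded, so "%2e%2e" becomes ".." before cleaning.
	p := path.Clean(u.Path)
	if !path.IsAbs(p) {
		return "", errors.New("file path must be absolute")
	}
	for _, d := range denied {
		if p == d || strings.HasPrefix(p, d+"/") {
			return "", fmt.Errorf("path %q is under sensitive prefix %q", p, d)
		}
	}
	for _, r := range allowedRoots {
		if p == r || strings.HasPrefix(p, r+"/") {
			return p, nil
		}
	}
	return "", fmt.Errorf("path %q is outside the allowed roots", p)
}

// linkAttr is a deliberately simple matcher for href/src attributes; it is
// enough for this example but not a substitute for a real HTML parser.
var linkAttr = regexp.MustCompile(`(?i)(?:href|src)\s*=\s*["']([^"']+)["']`)

// ScanPastedHTML returns the file:// links that pass validation and, separately,
// those that must be rejected, each paired with the reason.
func ScanPastedHTML(html string, allowedRoots, denied []string) (accepted []string, rejected map[string]string) {
	rejected = map[string]string{}
	for _, m := range linkAttr.FindAllStringSubmatch(html, -1) {
		href := m[1]
		if !strings.HasPrefix(strings.ToLower(href), "file:") {
			continue // only local file links are in scope for this check
		}
		if p, err := ValidateFileLink(href, allowedRoots, denied); err != nil {
			rejected[href] = err.Error()
		} else {
			accepted = append(accepted, p)
		}
	}
	return accepted, rejected
}

func main() {
	// Constructed sample of pasted HTML mixing a legitimate asset link with
	// traversal and sensitive-path attempts.
	sample := `<p><img src="file:///tmp/notes/diagram.png">
<a href="file:///tmp/notes/../../etc/passwd">x</a>
<a href="file:///tmp/notes/%2e%2e/%2e%2e/etc/hosts">y</a>
<a href="file://localhost/root/.ssh/id_rsa">z</a>
<a href="https://example.invalid/page">web</a></p>`
	ok, bad := ScanPastedHTML(sample, []string{"/tmp/notes"}, SensitivePrefixes)
	fmt.Println("accepted:", ok)
	for href, why := range bad {
		fmt.Printf("rejected %s: %s\n", href, why)
	}
}
```

The allow-list of roots is the stronger half of the check: a deny list alone has to anticipate every sensitive location on every host, whereas restricting copies to a known workspace directory fails closed for anything unanticipated.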

Business impact

The impact of this vulnerability is critical, as it allows for the unauthorized exfiltration of sensitive system files, including configuration files and personal data. With a CVSS score of 9.9, the risk to data confidentiality is extreme. Organizations or individuals using SiYuan for sensitive knowledge management could face significant data breaches and loss of privacy.

Remediation

Immediate Action: Update SiYuan to version 3.6.1 or later to resolve the path validation flaw.

Proactive Monitoring: Review the workspace assets directory for any unexpected files that may have been copied from sensitive local system paths.

Compensating Controls: Restrict access to the SiYuan web interface and disable the ability to paste HTML from untrusted sources until the patch is applied.

Exploitation status

Public Exploit Available: No

Analyst recommendation

The high CVSS score of 9.9 necessitates an immediate update to version 3.6.1. Users should be cautioned against pasting content from untrusted sources into the application until the update is confirmed. Prioritize the protection of the host machine's filesystem by applying the fix now.