CVE-2026-33067 Overview
SiYuan is a personal knowledge management system that has been found vulnerable to a Cross-Site Scripting (XSS) vulnerability that escalates to Remote Code Execution (RCE). Versions 3.6.0 and below render package metadata fields (displayName, description) using template literals without HTML escaping. A malicious package author can inject arbitrary HTML/JavaScript into these fields, which executes automatically when any user browses the Bazaar page. Because SiYuan's Electron configuration enables nodeIntegration: true with contextIsolation: false, this XSS escalates directly to full Remote Code Execution on the victim's operating system — with zero user interaction beyond opening the marketplace tab.
Critical Impact
This vulnerability allows attackers to achieve full Remote Code Execution on a victim's machine through a stored XSS attack in the Bazaar marketplace, requiring no user interaction beyond viewing the page.
Affected Products
- B3log SiYuan versions 3.6.0 and below
- SiYuan Desktop Application (Electron-based)
- SiYuan Bazaar Marketplace Component
Discovery Timeline
- 2026-03-20 - CVE-2026-33067 published to NVD
- 2026-03-23 - Last updated in NVD database
Technical Details for CVE-2026-33067
Vulnerability Analysis
This vulnerability represents a dangerous combination of improper input validation (CWE-79) and insecure Electron application configuration. The root issue lies in how SiYuan processes and renders package metadata within the Bazaar marketplace interface. When users browse available packages, the application dynamically renders metadata fields including displayName and description using JavaScript template literals without proper HTML sanitization or encoding.
The severity of this XSS vulnerability is dramatically amplified by SiYuan's Electron security configuration. The application runs with nodeIntegration: true and contextIsolation: false, which means JavaScript executing in the renderer process has direct access to Node.js APIs. This architectural decision transforms what would typically be a client-side XSS vulnerability into a full system compromise vector.
Root Cause
The vulnerability stems from two primary security failures:
Lack of HTML Escaping: The Bazaar component renders user-controlled package metadata fields (displayName, description) directly into the DOM using template literals without any HTML entity encoding or sanitization. This allows malicious HTML and JavaScript to be injected and executed in the context of the application.
Insecure Electron Configuration: The application's Electron configuration enables nodeIntegration: true while disabling contextIsolation. This configuration grants renderer-process JavaScript full access to Node.js APIs, including file system operations, process spawning, and network access.
Attack Vector
The attack vector is network-based and requires low privileges (a malicious actor only needs the ability to publish a package to the Bazaar marketplace). The attack unfolds as follows:
- An attacker creates a malicious SiYuan package with specially crafted metadata containing JavaScript payloads in the displayName or description fields
- The malicious package is uploaded to the SiYuan Bazaar marketplace
- When any user opens the Bazaar tab in their SiYuan application, the marketplace page renders and the malicious JavaScript executes automatically
- Due to the Electron misconfiguration, the injected script gains access to Node.js APIs
- The attacker's payload can then execute arbitrary system commands, read/write files, exfiltrate data, or install persistent malware
The attack requires no user interaction beyond navigating to the Bazaar page, making it particularly dangerous for supply chain attacks against SiYuan users.
Detection Methods for CVE-2026-33067
Indicators of Compromise
- Unusual JavaScript execution patterns in SiYuan's renderer process
- Unexpected child processes spawned by the SiYuan application
- Network connections originating from SiYuan to unknown external endpoints
- Suspicious file system activity in user directories initiated by SiYuan
- Package metadata in the Bazaar containing encoded JavaScript, script tags, or event handlers
Detection Strategies
- Monitor for SiYuan spawning unexpected child processes or shell commands
- Implement network monitoring for outbound connections from the SiYuan application to suspicious domains
- Review installed Bazaar packages for unusual metadata content containing HTML tags or JavaScript
- Enable endpoint detection and response (EDR) monitoring for Electron application anomalies
- Audit SiYuan application logs for rendering errors or JavaScript exceptions
Monitoring Recommendations
- Deploy SentinelOne to monitor for process injection and suspicious child process creation from Electron applications
- Configure network traffic analysis to flag unusual data exfiltration patterns from desktop applications
- Enable file integrity monitoring for directories commonly targeted by malware persistence mechanisms
- Monitor for registry or startup modifications that could indicate post-exploitation persistence
How to Mitigate CVE-2026-33067
Immediate Actions Required
- Upgrade SiYuan to version 3.6.1 or later immediately
- Review any packages installed from the Bazaar marketplace for suspicious content
- If unable to upgrade immediately, avoid accessing the Bazaar marketplace tab
- Consider temporarily running SiYuan in an isolated environment or virtual machine
- Audit system for signs of compromise if the Bazaar page was accessed while running a vulnerable version
Patch Information
B3log has addressed this vulnerability in SiYuan version 3.6.1. The fix implements proper HTML escaping for package metadata fields before rendering, preventing the injection of arbitrary HTML and JavaScript content. Users should update to version 3.6.1 or later through the official SiYuan release channels. For detailed information, refer to the GitHub Security Advisory.
Workarounds
- Avoid opening the Bazaar marketplace tab until the application is upgraded to version 3.6.1
- Disable network access for SiYuan to prevent loading potentially malicious package metadata
- If using an older version is required, run SiYuan in an isolated environment such as a virtual machine
- Review and audit all previously installed Bazaar packages for suspicious content
# Verify SiYuan version
# Navigate to Help > About in SiYuan
# Ensure version is 3.6.1 or higher
# To update SiYuan, download the latest release from:
# https://github.com/siyuan-note/siyuan/releases
# For added security, consider running in isolation:
# Use sandboxing tools or virtual machines when accessing untrusted content
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
