CVE-2026-33476 Overview
CVE-2026-33476 is a directory traversal vulnerability in SiYuan, a personal knowledge management system developed by B3log. Prior to version 3.6.2, the SiYuan kernel exposes an unauthenticated file-serving endpoint under /appearance/*filepath. Due to improper path sanitization, attackers can perform directory traversal and read arbitrary files accessible to the server process. Authentication checks explicitly exclude this endpoint, allowing exploitation without valid credentials.
Critical Impact
Unauthenticated attackers can read sensitive files from the server filesystem, potentially exposing credentials, configuration files, private notes, and other confidential data stored on systems running vulnerable SiYuan instances.
Affected Products
- B3log SiYuan versions prior to 3.6.2
- Self-hosted SiYuan deployments whose kernel port is reachable over the network, including instances published through a reverse proxy, since the vulnerable endpoint needs no credentials
Discovery Timeline
- 2026-03-20 - CVE-2026-33476 published to NVD
- 2026-03-23 - Last updated in NVD database
Technical Details for CVE-2026-33476
Vulnerability Analysis
This vulnerability stems from a classic path traversal flaw (CWE-22) in the SiYuan kernel's file-serving functionality. The /appearance/*filepath endpoint is designed to serve appearance-related assets such as themes and icons, but lacks proper input validation on the filepath parameter. When processing requests, the application fails to adequately sanitize user-supplied path components, allowing attackers to escape the intended directory using sequences like ../ (dot-dot-slash).
What makes this vulnerability particularly severe is the explicit exclusion of this endpoint from authentication checks. This design decision, likely intended to allow unauthenticated access to public theme assets, creates an attack surface that requires no credentials to exploit. An attacker with network access to a vulnerable SiYuan instance can craft malicious HTTP requests to traverse the filesystem and retrieve arbitrary files readable by the server process.
Root Cause
The root cause is improper input validation and path sanitization in the file-serving handler for the /appearance/*filepath endpoint. The application does not properly validate or canonicalize the filepath parameter before using it to construct file paths, and the endpoint is explicitly excluded from authentication middleware. This combination allows unauthenticated path traversal attacks.
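The flaw class described in the two sections above, shown as an added illustration in Go (SiYuan's kernel is written in Go, but this is not SiYuan's code; the function names, the asset root and the temporary directory layout are assumptions). ResolveNaive joins the wildcard segment onto the asset root the way an unguarded handler would; ResolveSafe confines the result to the root; ReadAsset is the hardened read path that a file-serving handler would call.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// Errors returned by the hardened path.
var (
	ErrOutsideRoot    = errors.New("requested path escapes the asset root")
	ErrNotRegularFile = errors.New("requested path is not a regular file")
)

// ResolveNaive is the flawed pattern (CWE-22): the wildcard is joined onto the
// asset root and used as-is. filepath.Join collapses ".." lexically but does
// nothing to keep the result under root, so "../../../etc/passwd" resolves to
// /etc/passwd. Plain string concatenation behaves the same way.
func ResolveNaive(root, wildcard string) string {
	return filepath.Join(root, wildcard)
}

// ResolveSafe confines the wildcard to root: canonicalise both sides, then
// compute the path from root back to the candidate and refuse anything that
// begins with "..". A leading "/" in the wildcard is harmless here because
// Join treats it as relative to root.
func ResolveSafe(root, wildcard string) (string, error) {
	absRoot, err := filepath.Abs(root)
	if err != nil {
		return "", err
	}
	candidate := filepath.Join(absRoot, wildcard)
	rel, err := filepath.Rel(absRoot, candidate)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrOutsideRoot
	}
	return candidate, nil
}

// ReadAsset is the hardened read path: resolve, refuse directories, then read.
// Caveat: a symlink inside root that points outside is still followed; a
// production handler should also compare filepath.EvalSymlinks(candidate)
// against the root, or serve through os.DirFS, whose fs.ValidPath check
// rejects ".." elements outright.
func ReadAsset(root, wildcard string) ([]byte, error) {
	p, err := ResolveSafe(root, wildcard)
	if err != nil {
		return nil, err
	}
	st, err := os.Stat(p)
	if err != nil {
		return nil, err
	}
	if !st.Mode().IsRegular() {
		return nil, ErrNotRegularFile
	}
	return os.ReadFile(p)
}

func main() {
	// Constructed demo layout: <ws>/appearance/themes/theme.css is the legitimate
	// asset; <ws>/secret.txt stands in for a file the handler must never serve.
	ws, err := os.MkdirTemp("", "traversal-demo")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(ws)
	root := filepath.Join(ws, "appearance")
	if err := os.MkdirAll(filepath.Join(root, "themes"), 0o755); err != nil {
		panic(err)
	}
	os.WriteFile(filepath.Join(root, "themes", "theme.css"), []byte("body{margin:0}"), 0o644)
	os.WriteFile(filepath.Join(ws, "secret.txt"), []byte("api-token=constructed"), 0o600)

	for _, req := range []string{"themes/theme.css", "../secret.txt", "themes/../../secret.txt"} {
		naive, nerr := os.ReadFile(ResolveNaive(root, req))
		safe, serr := ReadAsset(root, req)
		fmt.Printf("%-24s naive: %d bytes (err=%v) | safe: %d bytes (err=%v)\n",
			req, len(naive), nerr, len(safe), serr)
	}
}
```

Running it shows the naive resolver happily returning secret.txt for both traversal requests while ReadAsset returns ErrOutsideRoot; the legitimate theme request succeeds on both paths. The relative-path check is the part that matters: cleaning alone never answers the question "is the result still under the root I intended to serve".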
Attack Vector
The attack is network-based and requires no authentication or user interaction. An attacker sends crafted HTTP GET requests to the /appearance/ endpoint with path traversal sequences embedded in the URL path. The vulnerable server processes these requests without proper sanitization, returning the contents of files outside the intended appearance directory.
For example, on a Linux host an attacker could request /etc/passwd, or target files inside the SiYuan workspace itself, such as its configuration and note data, which the kernel process necessarily has read access to. Reads are bounded by the account the kernel runs under: files that account cannot open are not exposed, but an instance running as root exposes everything. The attack surface includes any SiYuan instance reachable over the network, making internet-facing deployments particularly at risk.
The vulnerability mechanism involves manipulating the filepath parameter with directory traversal sequences. For detailed technical information about the vulnerable code paths and the security fix, refer to the GitHub Security Advisory GHSA-hhgj-gg9h-rjp7 and the patch commit.
Detection Methods for CVE-2026-33476
Indicators of Compromise
- HTTP requests to /appearance/ endpoints containing path traversal sequences such as ../, ..%2f, %2e%2e/, or the double-encoded ..%252f
- Unusual access patterns targeting the /appearance/ endpoint from external IP addresses, in particular bursts of requests from one client that vary only in the path
- Web server logs showing successful responses (HTTP 200) for requests with traversal sequences, especially where the response size does not match any real theme or icon asset
- File access audit logs indicating reads of sensitive system files (for example /etc/passwd or configuration files) by the SiYuan process; /etc/shadow appears here only if the kernel runs as root
Detection Strategies
- Implement web application firewall (WAF) rules to detect and block path traversal patterns in URL paths
- Monitor HTTP access logs for requests containing ../ sequences or URL-encoded equivalents targeting the /appearance/ endpoint
- Deploy intrusion detection system (IDS) signatures for directory traversal attack patterns
- Use SentinelOne Singularity to detect anomalous file access patterns by the SiYuan application process
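A concrete form of the log-monitoring strategy above, added here as an example (not part of the page or of SiYuan; the log lines are constructed, and the combined-format layout and the function names are assumptions). The scanner decodes each raw request path repeatedly so that single-encoded and double-encoded dots collapse to "..", then flags any /appearance/ request that still contains a ".." element, covering every variant listed under Indicators of Compromise. It works on the raw $request field because that is what nginx writes before any decoding.

```go
package main

import (
	"fmt"
	"net/url"
	"regexp"
	"strings"
)

// Constructed sample of nginx "combined" access-log lines for a SiYuan instance
// behind a reverse proxy. Illustrative only, not real traffic.
const sampleAccessLog = `203.0.113.7 - - [20/Mar/2026:10:01:02 +0000] "GET /appearance/themes/daylight/theme.css HTTP/1.1" 200 1822 "-" "Mozilla/5.0"
203.0.113.7 - - [20/Mar/2026:10:01:05 +0000] "GET /appearance/../../../etc/passwd HTTP/1.1" 200 1318 "-" "curl/8.5.0"
198.51.100.23 - - [20/Mar/2026:10:02:11 +0000] "GET /appearance/..%2f..%2f..%2fetc%2fpasswd HTTP/1.1" 200 1318 "-" "python-requests/2.31"
198.51.100.23 - - [20/Mar/2026:10:02:12 +0000] "GET /appearance/%252e%252e/%252e%252e/%252e%252e/proc/self/environ HTTP/1.1" 200 4096 "-" "python-requests/2.31"
192.0.2.9 - - [20/Mar/2026:10:03:00 +0000] "GET /api/system/version HTTP/1.1" 200 58 "-" "Mozilla/5.0"
192.0.2.9 - - [20/Mar/2026:10:03:01 +0000] "GET /appearance/icons/material/icon.js HTTP/1.1" 200 9021 "-" "Mozilla/5.0"`

// requestRE pulls the client address, raw request path and status code out of
// a combined-format line.
var requestRE = regexp.MustCompile(`^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|HEAD|POST|PUT|OPTIONS) (\S+) HTTP/[0-9.]+"\s+(\d{3})`)

// Hit records one suspicious request.
type Hit struct {
	Line    int
	Client  string
	RawPath string
	Status  string
}

// decodeFully percent-decodes until the string stops changing (bounded), so
// %2e%2e, %252e%252e and mixed forms such as .%2e all collapse to "..".
// A malformed escape stops the loop and leaves the path as it was.
func decodeFully(p string) string {
	for i := 0; i < 4; i++ {
		d, err := url.PathUnescape(p)
		if err != nil || d == p {
			break
		}
		p = d
	}
	return p
}

// IsTraversalProbe reports whether a raw request path targets /appearance/
// and, once decoded, contains a ".." element (forward or back slash).
func IsTraversalProbe(rawPath string) bool {
	if i := strings.IndexByte(rawPath, '?'); i >= 0 {
		rawPath = rawPath[:i] // query string is irrelevant to the path
	}
	decoded := decodeFully(rawPath)
	if !strings.HasPrefix(strings.ToLower(decoded), "/appearance/") {
		return false
	}
	decoded = strings.ReplaceAll(decoded, `\`, "/")
	for _, seg := range strings.Split(decoded, "/") {
		if seg == ".." {
			return true
		}
	}
	return false
}

// ScanAccessLog returns every line whose request path looks like a traversal
// attempt against the appearance endpoint. Line numbers are 1-based.
func ScanAccessLog(log string) []Hit {
	var hits []Hit
	for n, line := range strings.Split(log, "\n") {
		m := requestRE.FindStringSubmatch(line)
		if m == nil {
			continue
		}
		if IsTraversalProbe(m[2]) {
			hits = append(hits, Hit{Line: n + 1, Client: m[1], RawPath: m[2], Status: m[3]})
		}
	}
	return hits
}

func main() {
	for _, h := range ScanAccessLog(sampleAccessLog) {
		note := ""
		if h.Status == "200" {
			note = "  <-- 200 response: possible successful read, triage this host"
		}
		fmt.Printf("line %d  %-15s %s%s\n", h.Line, h.Client, h.RawPath, note)
	}
}
```

On the sample it flags lines 2, 3 and 4 and ignores the legitimate theme and icon requests. The 200 status is the important secondary signal: a traversal probe that was answered with 200 on an unpatched instance is evidence of a read, not just an attempt, and those client addresses go to the top of the triage list.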
Monitoring Recommendations
- Enable detailed logging for the SiYuan application and web server access logs
- Monitor for unusual file read operations originating from the SiYuan kernel process
- Set up alerts for requests to /appearance/ endpoints that return unexpected content types or large response sizes
- Review network traffic for reconnaissance patterns targeting this endpoint
How to Mitigate CVE-2026-33476
Immediate Actions Required
- Upgrade SiYuan to version 3.6.2 or later immediately
- If immediate patching is not possible, restrict network access to SiYuan instances using firewall rules
- Audit systems for signs of exploitation by reviewing web server access logs for suspicious requests
- Ensure SiYuan is not directly exposed to the internet without proper access controls
Patch Information
B3log has released version 3.6.2 of SiYuan which addresses this vulnerability. The fix implements proper path sanitization for the /appearance/*filepath endpoint. The security patch is available in commit 009bb598b3beccc972aa5f1ed88b3b224326bf2a.
For detailed patch information, see:
Workarounds
- Block external access to the /appearance/ endpoint using a reverse proxy or web application firewall
- Restrict network access to SiYuan to trusted IP addresses only using firewall rules
- Run SiYuan in a containerized environment with limited filesystem access to reduce impact of exploitation
- Place SiYuan behind an authentication proxy if it must be network-accessible before patching
# Example nginx configuration for a reverse proxy in front of the SiYuan kernel
# (proxy_pass directives omitted). nginx normalises literal "../" in the request
# path before matching locations and rejects paths that climb above the root,
# so the regex below mainly catches percent-encoded and double-encoded variants;
# the allow/deny pair is the control that actually closes the endpoint.
location /appearance/ {
    # Refuse any request whose raw URI still carries a traversal sequence.
    # "return" is the one use of "if" inside a location that nginx treats as safe.
    if ($request_uri ~* "(\.|%2e|%252e){2}") {
        return 403;
    }
    # Restrict to localhost only until patched
    allow 127.0.0.1;
    deny all;
}
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

