CVE-2026-41421 Overview
A critical Cross-Site Scripting (XSS) to Remote Code Execution vulnerability has been identified in SiYuan, an open-source personal knowledge management system. Prior to version 3.6.5, SiYuan desktop renders notification messages as raw HTML inside an Electron renderer without proper sanitization. The notification route POST /api/notification/pushMsg accepts a user-controlled msg value, forwards it through the backend broadcast layer, and the frontend inserts it into the DOM using insertAdjacentHTML(...) in message.ts.
On desktop builds, this vulnerability escalates beyond ordinary XSS because Electron windows are created with nodeIntegration: true, contextIsolation: false, and webSecurity: false in main.js. As a result, JavaScript executed from the notification sink can directly access Node.js APIs and escalate to full desktop code execution.
Critical Impact
Attackers can achieve full desktop code execution on affected SiYuan installations by injecting malicious JavaScript through notification messages, enabling complete system compromise.
Affected Products
- SiYuan Desktop versions prior to 3.6.5
- SiYuan Electron-based builds with insecure renderer configuration
- Systems running SiYuan with exposed notification API endpoints
Discovery Timeline
- 2026-04-24 - CVE CVE-2026-41421 published to NVD
- 2026-04-27 - Last updated in NVD database
Technical Details for CVE-2026-41421
Vulnerability Analysis
This vulnerability represents a severe security flaw that chains multiple weaknesses together to achieve code execution. The root issue stems from improper input validation (CWE-78) where user-supplied notification messages are processed as trusted HTML content. The attack surface is exposed through the /api/notification/pushMsg API endpoint, which accepts arbitrary message content without sanitization.
What makes this vulnerability particularly dangerous is the Electron configuration choices in SiYuan's desktop application. The combination of nodeIntegration: true grants JavaScript running in the renderer process direct access to Node.js APIs, while contextIsolation: false removes the security boundary between the renderer's JavaScript context and Electron's preload scripts. Additionally, webSecurity: false disables same-origin policy protections.
When an attacker injects malicious JavaScript through a crafted notification message, the code executes with full Node.js capabilities rather than being sandboxed as typical browser JavaScript. This allows the attacker to spawn child processes, read and write files, access network resources, and essentially perform any action the user running SiYuan can perform.
Root Cause
The vulnerability originates from the use of insertAdjacentHTML(...) in message.ts to render notification content without input sanitization. This allows arbitrary HTML and JavaScript injection. The critical escalation factor is the insecure Electron window configuration in main.js that enables Node.js integration within the renderer context, transforming what would normally be a client-side XSS vulnerability into full remote code execution.
Attack Vector
The attack requires local access and involves sending a crafted POST request to the /api/notification/pushMsg endpoint with a malicious msg parameter containing JavaScript payload. When the notification is rendered, the injected script executes in the Electron renderer with Node.js privileges, allowing the attacker to spawn system processes, access the filesystem, or install persistent malware.
The exploitation flow involves the attacker crafting a notification message containing embedded JavaScript that leverages Node.js APIs such as require('child_process').exec(). When this message is broadcast to connected clients and rendered via insertAdjacentHTML(), the malicious code executes with full system privileges.
Detection Methods for CVE-2026-41421
Indicators of Compromise
- Unusual POST requests to /api/notification/pushMsg containing HTML tags or script elements
- JavaScript execution attempting to access Node.js modules like child_process, fs, or os
- Unexpected process spawning originating from the SiYuan Electron process
- Suspicious network connections initiated by the SiYuan desktop application
Detection Strategies
- Monitor HTTP request logs for /api/notification/pushMsg endpoints containing suspicious payloads with <script> tags or event handlers
- Implement endpoint detection rules to alert on Node.js API calls from unexpected renderer contexts
- Deploy application-layer firewall rules to inspect and filter notification message content
- Use behavioral analysis to detect anomalous child process creation from Electron applications
Monitoring Recommendations
- Enable detailed logging for all notification API endpoints and review for injection attempts
- Monitor SiYuan process trees for unexpected child processes or system command execution
- Implement file integrity monitoring on systems running SiYuan to detect unauthorized modifications
- Configure network monitoring to identify unusual outbound connections from the SiYuan application
How to Mitigate CVE-2026-41421
Immediate Actions Required
- Upgrade SiYuan to version 3.6.5 or later immediately
- Restrict network access to the notification API endpoint if upgrading is not immediately possible
- Audit access logs for any suspicious notification API activity prior to patching
- Consider temporarily disabling notification functionality until the patch is applied
Patch Information
The vulnerability has been fixed in SiYuan version 3.6.5. Users should update their installations immediately to receive the security fix. For detailed information about the security patch, refer to the GitHub Security Advisory.
Workarounds
- Block or restrict access to the /api/notification/pushMsg endpoint at the network level until patching is complete
- If running SiYuan behind a reverse proxy, implement input validation rules to strip HTML tags from notification messages
- Deploy the application in an isolated environment with minimal system privileges
- Disable remote notification features if not required for your workflow
# Example: Block notification endpoint with iptables (temporary mitigation)
# Adjust IP ranges based on your network configuration
iptables -A INPUT -p tcp --dport 6806 -m string --string "/api/notification/pushMsg" --algo bm -j DROP
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
