VDB
CVE-2026-33476
CVE-2026-33476
PUBLISHED
CVSS 7.5 HIGH
Siyuan has an Unauthenticated Arbitrary File Read via Path Traversal
EPSS 0.35% · 57.8th percentile
Risk Scores
CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
0.35%
57.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| github.com | siyuan-note/siyuan/kernel | 0, 0, 0 |
| siyuan-note | siyuan | < 3.6.2, < 3.6.2, < 3.6.2 |
| b3log | siyuan | 0, 0, 0 |
Timeline
- Mar 20, 2026 CVE Published
- Mar 20, 2026 PoC Published
- Mar 20, 2026 PoC Published
- Mar 20, 2026 PoC Published
- Mar 21, 2026 EPSS Score
- Mar 22, 2026 EPSS Score
- Mar 22, 2026 Coalition ESS Score
- Mar 22, 2026 Security Advisory
- Mar 23, 2026 EPSS Score
- Mar 24, 2026 EPSS Score
- Mar 24, 2026 PoC Published
- Mar 25, 2026 CVE Updated