VDB

GHSA-hjh7-r5w8-5872

GHSA-hjh7-r5w8-5872 PUBLISHED CVSS 7.099999904632568 HIGH

SiYuan: Path Traversal via Double URL Encoding in `/export/` Endpoint (Incomplete Fix Bypass for CVE-2026-30869)

Risk Scores

CVSS 4.0
7.099999904632568
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Products

VendorProductVersions
github.comsiyuan-note/siyuan/kernel0

Timeline

  • Apr 22, 2026 CVE Published
  • May 6, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›