<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-13T03:42:22.849951+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/189dc4aa-7990-45c9-a087-7d60e8735c27/export</id>
    <title>189dc4aa-7990-45c9-a087-7d60e8735c27</title>
    <updated>2026-07-13T03:42:22.873999+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "189dc4aa-7990-45c9-a087-7d60e8735c27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50551", "type": "seen", "source": "https://gist.github.com/alon710/215bfec609456ef9029abde8936c9791", "content": "# CVE-2026-50551: CVE-2026-50551: Stored Cross-Site Scripting to Remote Code Execution via Attribute View Asset Cell Renderer in SiYuan\n\n&amp;gt; **CVSS Score:** 9.9\n&amp;gt; **Published:** 2026-07-10\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-50551\n\n## Summary\nA critical-severity stored Cross-Site Scripting (XSS) vulnerability exists in SiYuan's Attribute View database asset cell renderer. This flaw allows low-privilege authenticated users to execute arbitrary JavaScript in the application frontend. In Electron-based desktop clients, this execution context can be leveraged to execute arbitrary native operating system commands, resulting in complete system compromise.\n\n## TL;DR\nStored XSS in SiYuan's database asset renderer allows unauthenticated remote code execution via synchronizing a maliciously crafted database in Electron clients.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-79\n- **Attack Vector**: Network (AV:N)\n- **CVSS Score**: 9.9 (Critical)\n- **Impact**: Remote Code Execution (RCE)\n- **Exploit Status**: Proof of Concept (PoC) documented\n- **KEV Status**: Not listed\n\n## Affected Systems\n\n- SiYuan (Desktop App &amp;amp; Self-hosted Server)\n- **siyuan**: &amp;lt; 3.7.0 (Fixed in: `3.7.0`)\n\n## Mitigation\n\n- Upgrade the SiYuan application to version 3.7.0 or later immediately.\n- Isolate self-hosted servers behind access control lists to prevent untrusted database synchronization.\n- Enforce context isolation policies in desktop environments to contain potential renderer compromises.\n\n**Remediation Steps:**\n1. Identify all deployed desktop clients and self-hosted instances of SiYuan.\n2. Download and install version 3.7.0 or higher from the official repository or application store.\n3. Verify the application version via the settings interface to ensure the patch is applied.\n\n## References\n\n- [GitHub Security Advisory GHSA-56mp-4f3v-fgj2](https://github.com/siyuan-note/siyuan/security/advisories/GHSA-56mp-4f3v-fgj2)\n- [NVD Vulnerability Detail](https://nvd.nist.gov/vuln/detail/CVE-2026-50551)\n- [CVE Authority Record](https://www.cve.org/CVERecord?id=CVE-2026-50551)\n- [Fix Merge Commit](https://github.com/siyuan-note/siyuan/commit/27e0051e0d067892e833df1063cb2fb469600e98)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-50551) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-07-11T00:01:00.222280Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/189dc4aa-7990-45c9-a087-7d60e8735c27/export"/>
    <published>2026-07-11T00:01:00.222280+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a0ab5b28-ed8c-4a4a-a19a-af2370f02c77/export</id>
    <title>a0ab5b28-ed8c-4a4a-a19a-af2370f02c77</title>
    <updated>2026-07-13T03:42:22.875661+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a0ab5b28-ed8c-4a4a-a19a-af2370f02c77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50551", "type": "seen", "source": "https://gist.github.com/alon710/215bfec609456ef9029abde8936c9791", "content": "# CVE-2026-50551: CVE-2026-50551: Stored Cross-Site Scripting to Remote Code Execution via Attribute View Asset Cell Renderer in SiYuan\n\n&amp;gt; **CVSS Score:** 9.9\n&amp;gt; **Published:** 2026-07-10\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-50551\n\n## Summary\nA critical-severity stored Cross-Site Scripting (XSS) vulnerability exists in SiYuan's Attribute View database asset cell renderer. This flaw allows low-privilege authenticated users to execute arbitrary JavaScript in the application frontend. In Electron-based desktop clients, this execution context can be leveraged to execute arbitrary native operating system commands, resulting in complete system compromise.\n\n## TL;DR\nStored XSS in SiYuan's database asset renderer allows unauthenticated remote code execution via synchronizing a maliciously crafted database in Electron clients.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-79\n- **Attack Vector**: Network (AV:N)\n- **CVSS Score**: 9.9 (Critical)\n- **Impact**: Remote Code Execution (RCE)\n- **Exploit Status**: Proof of Concept (PoC) documented\n- **KEV Status**: Not listed\n\n## Affected Systems\n\n- SiYuan (Desktop App &amp;amp; Self-hosted Server)\n- **siyuan**: &amp;lt; 3.7.0 (Fixed in: `3.7.0`)\n\n## Mitigation\n\n- Upgrade the SiYuan application to version 3.7.0 or later immediately.\n- Isolate self-hosted servers behind access control lists to prevent untrusted database synchronization.\n- Enforce context isolation policies in desktop environments to contain potential renderer compromises.\n\n**Remediation Steps:**\n1. Identify all deployed desktop clients and self-hosted instances of SiYuan.\n2. Download and install version 3.7.0 or higher from the official repository or application store.\n3. Verify the application version via the settings interface to ensure the patch is applied.\n\n## References\n\n- [GitHub Security Advisory GHSA-56mp-4f3v-fgj2](https://github.com/siyuan-note/siyuan/security/advisories/GHSA-56mp-4f3v-fgj2)\n- [NVD Vulnerability Detail](https://nvd.nist.gov/vuln/detail/CVE-2026-50551)\n- [CVE Authority Record](https://www.cve.org/CVERecord?id=CVE-2026-50551)\n- [Fix Merge Commit](https://github.com/siyuan-note/siyuan/commit/27e0051e0d067892e833df1063cb2fb469600e98)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-50551) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-07-10T23:42:38.231666Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a0ab5b28-ed8c-4a4a-a19a-af2370f02c77/export"/>
    <published>2026-07-10T23:42:38.231666+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ab0cead5-4b89-4467-9799-0c7ca7f7c339/export</id>
    <title>ab0cead5-4b89-4467-9799-0c7ca7f7c339</title>
    <updated>2026-07-13T03:42:22.875782+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cvepremium.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "ab0cead5-4b89-4467-9799-0c7ca7f7c339", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-50551", "type": "published-proof-of-concept", "source": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-56mp-4f3v-fgj2", "content": "", "creation_timestamp": "2026-07-10T22:35:05.690864Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ab0cead5-4b89-4467-9799-0c7ca7f7c339/export"/>
    <published>2026-07-10T22:35:05.690864+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3948f849-93cf-4dbc-b833-a1e8a5ced76d/export</id>
    <title>3948f849-93cf-4dbc-b833-a1e8a5ced76d</title>
    <updated>2026-07-13T03:42:22.876795+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3948f849-93cf-4dbc-b833-a1e8a5ced76d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50551", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqd2wbs2yf22", "content": "CVE-2026-50551 - siyuan-note\nSiYuan, a personal knowledge management system, contains a security flaw that can allow an attacker to execute malicious code on users' computers. This vulnerability affects\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#siyuannote #Golang #CVE #infosec", "creation_timestamp": "2026-07-10T21:14:06.260232Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3948f849-93cf-4dbc-b833-a1e8a5ced76d/export"/>
    <published>2026-07-10T21:14:06.260232+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/8ca24204-3de0-46a7-af21-4d51f948bdb6/export</id>
    <title>8ca24204-3de0-46a7-af21-4d51f948bdb6</title>
    <updated>2026-07-13T03:42:22.876893+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cvepremium.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "8ca24204-3de0-46a7-af21-4d51f948bdb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-50554", "type": "published-proof-of-concept", "source": "https://github.com/enchant97/note-mark/security/advisories/GHSA-588f-fvcv-xhvf", "content": "", "creation_timestamp": "2026-07-09T14:35:10.180343Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/8ca24204-3de0-46a7-af21-4d51f948bdb6/export"/>
    <published>2026-07-09T14:35:10.180343+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/142f7a2d-3d32-4524-8aac-f703f42bcf1c/export</id>
    <title>142f7a2d-3d32-4524-8aac-f703f42bcf1c</title>
    <updated>2026-07-13T03:42:22.876973+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cvepremium.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "142f7a2d-3d32-4524-8aac-f703f42bcf1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-50553", "type": "published-proof-of-concept", "source": "https://github.com/enchant97/note-mark/security/advisories/GHSA-rqrh-8wpv-x7hh", "content": "", "creation_timestamp": "2026-07-09T14:35:07.947259Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/142f7a2d-3d32-4524-8aac-f703f42bcf1c/export"/>
    <published>2026-07-09T14:35:07.947259+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/2b4329ac-15df-44ee-a127-60faf2bd4c3e/export</id>
    <title>2b4329ac-15df-44ee-a127-60faf2bd4c3e</title>
    <updated>2026-07-13T03:42:22.877046+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "2b4329ac-15df-44ee-a127-60faf2bd4c3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50553", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq7sctc67r25", "content": "CVE-2026-50553 - enchant97\nNote Mark's export feature can write files outside the intended directory due to unsanitized book and note slugs. This can happen because the software does not properly check the\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#enchant97 #Golang #CVE #infosec", "creation_timestamp": "2026-07-09T14:02:22.529089Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/2b4329ac-15df-44ee-a127-60faf2bd4c3e/export"/>
    <published>2026-07-09T14:02:22.529089+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c37039de-e6c1-4dcc-8f62-f9376a12b126/export</id>
    <title>c37039de-e6c1-4dcc-8f62-f9376a12b126</title>
    <updated>2026-07-13T03:42:22.877119+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c37039de-e6c1-4dcc-8f62-f9376a12b126", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50559", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mps7ejvrvj2k", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-50559 \u0432 Quarkus: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/72E99481-D133-4F03-91BA-85DF881C986C", "creation_timestamp": "2026-07-04T04:18:24.281232Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c37039de-e6c1-4dcc-8f62-f9376a12b126/export"/>
    <published>2026-07-04T04:18:24.281232+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/babe0fb6-b5f3-4be4-bb1a-d4257a58b70f/export</id>
    <title>babe0fb6-b5f3-4be4-bb1a-d4257a58b70f</title>
    <updated>2026-07-13T03:42:22.877196+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "babe0fb6-b5f3-4be4-bb1a-d4257a58b70f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50556", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mps6rfuwao2b", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-50556 \u0432 Angular: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/E76439F7-9055-4F59-80F3-F190FA8D35A2", "creation_timestamp": "2026-07-04T04:07:42.939173Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/babe0fb6-b5f3-4be4-bb1a-d4257a58b70f/export"/>
    <published>2026-07-04T04:07:42.939173+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c1c2db4a-442c-4c60-9435-edf7860c4eb5/export</id>
    <title>c1c2db4a-442c-4c60-9435-edf7860c4eb5</title>
    <updated>2026-07-13T03:42:22.877267+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c1c2db4a-442c-4c60-9435-edf7860c4eb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-50551", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116808510648585515", "content": "CVE-2026-50551: SiYuan (&amp;lt;3.7.0) suffers CRITICAL stored XSS in Attribute View, enabling RCE via Electron client. Upgrade to v3.7.0+ to mitigate. No workaround available. Details: https://radar.offseq.com/threat/cve-2026-50551-cwe-79-improper-neutralization-of-i-e91ef5b4d83fcdb8 #OffSeq #XSS #SiYuan #Cybersecurity", "creation_timestamp": "2026-06-25T03:00:28.769501Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c1c2db4a-442c-4c60-9435-edf7860c4eb5/export"/>
    <published>2026-06-25T03:00:28.769501+00:00</published>
  </entry>
</feed>
