<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sat, 11 Jul 2026 09:02:46 +0000</lastBuildDate>
    <item>
      <title>54e3126a-b380-42e9-a431-a70aaa898407</title>
      <link>https://vulnerability.circl.lu/sighting/54e3126a-b380-42e9-a431-a70aaa898407/export</link>
      <description>{"uuid": "54e3126a-b380-42e9-a431-a70aaa898407", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-54070", "type": "published-proof-of-concept", "source": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-w7cg-whh7-xp28", "content": "", "creation_timestamp": "2026-07-10T20:35:11.993796Z"}</description>
      <content:encoded>{"uuid": "54e3126a-b380-42e9-a431-a70aaa898407", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-54070", "type": "published-proof-of-concept", "source": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-w7cg-whh7-xp28", "content": "", "creation_timestamp": "2026-07-10T20:35:11.993796Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/54e3126a-b380-42e9-a431-a70aaa898407/export</guid>
      <pubDate>Fri, 10 Jul 2026 20:35:11 +0000</pubDate>
    </item>
    <item>
      <title>4d2bc51f-80bf-446a-8256-7df65b29d759</title>
      <link>https://vulnerability.circl.lu/sighting/4d2bc51f-80bf-446a-8256-7df65b29d759/export</link>
      <description>{"uuid": "4d2bc51f-80bf-446a-8256-7df65b29d759", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54070", "type": "seen", "source": "https://gist.github.com/alon710/b90f7da9d543dd51155aefe8a87d6f66", "content": "# CVE-2026-54070: CVE-2026-54070: Stored Cross-Site Scripting via Modern HTML5 Event Handler Bypass in SiYuan Bazaar\n\n&amp;gt; **CVSS Score:** 7.1\n&amp;gt; **Published:** 2026-07-10\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-54070\n\n## Summary\nA high-severity Stored Cross-Site Scripting (XSS) vulnerability exists in SiYuan prior to version 3.7.0. The vulnerability is located within the server-side Markdown-to-HTML parsing component for the Bazaar marketplace packages. Due to an incomplete event-handler attribute blocklist in the lute parsing engine and a lack of client-side DOM sanitization, malicious package authors can bypass restrictions using modern HTML5 event handlers. When an authenticated administrator views a malicious package, the embedded JavaScript runs in the administrator origin, allowing unauthorized workspace access, local file reading, and remote API execution.\n\n## TL;DR\nStored XSS in SiYuan's Bazaar package rendering component allows unauthenticated attackers to execute arbitrary JavaScript in the context of the administrator origin, leading to complete workspace compromise.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-79 / CWE-184\n- **Attack Vector**: Network\n- **CVSS Score**: 7.1 (High)\n- **EPSS Score**: 0.0018 (Percentile: 7.75%)\n- **Impact**: Stored Cross-Site Scripting (XSS)\n- **Exploit Status**: poc\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- SiYuan Note-Taking Application\n- **SiYuan**: &amp;lt; 3.7.0 (Fixed in: `3.7.0`)\n\n## Mitigation\n\n- Upgrade SiYuan to version 3.7.0 or above\n- Block outbound application requests to unauthorized public package registries\n- Avoid browsing third-party marketplace listings until the application is updated\n\n**Remediation Steps:**\n1. Identify all deployed SiYuan application instances and verify current versions.\n2. Download the release package for version 3.7.0 or newer from the official distribution channel.\n3. Install the update, restart the local service, and confirm the version display in Settings -&amp;gt; About.\n4. Monitor outbound server logs for unexpected HTTP requests to unknown external domains.\n\n## References\n\n- [GitHub Security Advisory GHSA-w7cg-whh7-xp28](https://github.com/siyuan-note/siyuan/security/advisories/GHSA-w7cg-whh7-xp28)\n- [NVD CVE-2026-54070 Detail](https://nvd.nist.gov/vuln/detail/CVE-2026-54070)\n- [SiYuan Fix Commit 27e0051e0d067892e833df1063cb2fb469600e98](https://github.com/siyuan-note/siyuan/commit/27e0051e0d067892e833df1063cb2fb469600e98)\n- [CVE-2026-54070 Record](https://www.cve.org/CVERecord?id=CVE-2026-54070)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-54070) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-07-10T19:42:40.547539Z"}</description>
      <content:encoded>{"uuid": "4d2bc51f-80bf-446a-8256-7df65b29d759", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54070", "type": "seen", "source": "https://gist.github.com/alon710/b90f7da9d543dd51155aefe8a87d6f66", "content": "# CVE-2026-54070: CVE-2026-54070: Stored Cross-Site Scripting via Modern HTML5 Event Handler Bypass in SiYuan Bazaar\n\n&amp;gt; **CVSS Score:** 7.1\n&amp;gt; **Published:** 2026-07-10\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-54070\n\n## Summary\nA high-severity Stored Cross-Site Scripting (XSS) vulnerability exists in SiYuan prior to version 3.7.0. The vulnerability is located within the server-side Markdown-to-HTML parsing component for the Bazaar marketplace packages. Due to an incomplete event-handler attribute blocklist in the lute parsing engine and a lack of client-side DOM sanitization, malicious package authors can bypass restrictions using modern HTML5 event handlers. When an authenticated administrator views a malicious package, the embedded JavaScript runs in the administrator origin, allowing unauthorized workspace access, local file reading, and remote API execution.\n\n## TL;DR\nStored XSS in SiYuan's Bazaar package rendering component allows unauthenticated attackers to execute arbitrary JavaScript in the context of the administrator origin, leading to complete workspace compromise.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-79 / CWE-184\n- **Attack Vector**: Network\n- **CVSS Score**: 7.1 (High)\n- **EPSS Score**: 0.0018 (Percentile: 7.75%)\n- **Impact**: Stored Cross-Site Scripting (XSS)\n- **Exploit Status**: poc\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- SiYuan Note-Taking Application\n- **SiYuan**: &amp;lt; 3.7.0 (Fixed in: `3.7.0`)\n\n## Mitigation\n\n- Upgrade SiYuan to version 3.7.0 or above\n- Block outbound application requests to unauthorized public package registries\n- Avoid browsing third-party marketplace listings until the application is updated\n\n**Remediation Steps:**\n1. Identify all deployed SiYuan application instances and verify current versions.\n2. Download the release package for version 3.7.0 or newer from the official distribution channel.\n3. Install the update, restart the local service, and confirm the version display in Settings -&amp;gt; About.\n4. Monitor outbound server logs for unexpected HTTP requests to unknown external domains.\n\n## References\n\n- [GitHub Security Advisory GHSA-w7cg-whh7-xp28](https://github.com/siyuan-note/siyuan/security/advisories/GHSA-w7cg-whh7-xp28)\n- [NVD CVE-2026-54070 Detail](https://nvd.nist.gov/vuln/detail/CVE-2026-54070)\n- [SiYuan Fix Commit 27e0051e0d067892e833df1063cb2fb469600e98](https://github.com/siyuan-note/siyuan/commit/27e0051e0d067892e833df1063cb2fb469600e98)\n- [CVE-2026-54070 Record](https://www.cve.org/CVERecord?id=CVE-2026-54070)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-54070) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-07-10T19:42:40.547539Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/4d2bc51f-80bf-446a-8256-7df65b29d759/export</guid>
      <pubDate>Fri, 10 Jul 2026 19:42:40 +0000</pubDate>
    </item>
  </channel>
</rss>
