Overview
A cross-site scripting (XSS) vulnerability has been identified in SiYuan, an open-source personal knowledge management system. Tracked as CVE-2026-40322 with a CVSS score of 9.0, the flaw allows attackers to execute arbitrary JavaScript in the context of a victim's SiYuan session by embedding malicious Mermaid diagram code blocks in shared notes or documents.
Technical Details
SiYuan renders Mermaid diagrams using the securityLevel: "loose" configuration. In this mode, Mermaid generates SVG output that is directly injected into the DOM via innerHTML. Because innerHTML does not sanitize anchor href attributes, attacker-controlled javascript: URLs embedded within Mermaid diagram code survive the rendering pipeline and execute when a user interacts with the resulting SVG element.
The attack vector requires that an attacker either:
- Controls a shared SiYuan document or note accessible to the victim, or
- Convinces a victim to import or open a crafted .sy document containing the malicious Mermaid block.
Because SiYuan is an Electron-based desktop application, successful XSS can escalate to arbitrary code execution in the local filesystem context, depending on the Electron shell's nodeIntegration and contextIsolation settings in affected builds.
Proof of Concept
A minimal malicious Mermaid block that triggers the vulnerability:
```mermaid
graph LR
A[<a href="javascript:alert(document.cookie)">Click Me</a>] --> B[Result]
```
When rendered in affected versions, clicking the node executes the embedded JavaScript payload.
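As an added defensive check (not part of this advisory, SiYuan or Mermaid), the scanner below flags Mermaid blocks whose anchor hrefs or click targets resolve to a script-capable URL scheme once HTML entities are decoded and whitespace stripped, so shared notes can be inspected before a loose-mode renderer injects their SVG. It assumes notes are held as Markdown with ```mermaid fences; all function names and the sample note are constructed.

```javascript
// Guard against out-of-range code points in malformed entities rather than throwing.
const cp = (n) => (n <= 0x10ffff ? String.fromCodePoint(n) : "\uFFFD");

// Decode entity forms that can hide a scheme, e.g. "&#106;avascript:" or "java&Tab;script:".
function decodeEntities(s) {
  return s
    .replace(/&#x([0-9a-f]+);?/gi, (_, h) => cp(parseInt(h, 16)))
    .replace(/&#(\d+);?/g, (_, d) => cp(parseInt(d, 10)))
    .replace(/&tab;/gi, "\t").replace(/&newline;/gi, "\n").replace(/&colon;/gi, ":");
}

// Browsers drop ASCII controls and whitespace and match schemes case-insensitively,
// so normalise the same way: "  JavaScript:" and "java\tscript:" both count.
function urlScheme(raw) {
  const cleaned = decodeEntities(raw).replace(/[\u0000-\u0020]/g, "").toLowerCase();
  const m = /^([a-z][a-z0-9+.-]*):/.exec(cleaned);
  return m ? m[1] : null;
}

const SCRIPT_SCHEMES = new Set(["javascript", "vbscript", "data"]);

// One finding per href or click target inside a ```mermaid fence whose scheme can run script.
function findUnsafeMermaidLinks(markdown) {
  const findings = [];
  for (const block of markdown.matchAll(/```mermaid[^\n]*\n([\s\S]*?)```/g)) {
    const patterns = [
      /href\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/gi, // raw HTML anchors in node labels
      /^\s*click\s+\S+\s+(?:href\s+)?"([^"]*)"/gim,      // Mermaid click directive
    ];
    for (const re of patterns) {
      for (const m of block[1].matchAll(re)) {
        const url = m[1] ?? m[2] ?? m[3];
        const scheme = urlScheme(url);
        if (scheme && SCRIPT_SCHEMES.has(scheme)) findings.push({ url, scheme });
      }
    }
  }
  return findings;
}

// Constructed sample note: one benign https click link plus the advisory's anchor
// payload with its scheme split by an HTML entity, which a plain substring check misses.
const SAMPLE_NOTE = `
\`\`\`mermaid
graph LR
  A[<a href="java&Tab;script:alert(document.cookie)">Click Me</a>] --> B[Result]
  click B "https://example.com/docs"
\`\`\`
`;

console.log(findUnsafeMermaidLinks(SAMPLE_NOTE)); // one finding, scheme "javascript"
```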
Affected Versions
| Product | Affected Versions | Status |
|---|---|---|
| SiYuan | 3.6.3 and below | Patch pending |
CVSS Score
| Metric | Value |
|---|---|
| Base Score | 9.0 (Critical) |
| Attack Vector | Network |
| Attack Complexity | Low |
| Privileges Required | None |
| User Interaction | Required |
| Scope | Changed |
| Confidentiality | High |
| Integrity | High |
| Availability | Low |
Mitigation
At time of publication, no official patch has been released for this vulnerability. Users of SiYuan are advised to:
- Avoid opening untrusted documents — Do not import or view SiYuan notes from unknown sources until a patch is available.
- Disable Mermaid rendering — If possible, disable diagram rendering in SiYuan preferences.
- Monitor for updates — Watch the SiYuan GitHub repository for a patched release addressing this CVE.
- Network isolation — Consider running SiYuan in an isolated environment if processing documents from external parties.