CVE-2026-50551

CVE-2026-50551CVE-2026-50551

Description

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan contains a stored cross-site scripting (XSS) vulnerability in the Attribute View (database) asset cell renderer that escalates to remote code execution (RCE) in the Electron desktop client. This vulnerability is fixed in 3.7.0.

Scoring

CVSS 9.9 ()
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Last modified2026-06-24
Sourced from NVD. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.