CRITICAL | CVE-2026-56395 | CNA: VulnCheck

CVE-2026-56395: SiYuan - Remote Code Execution via Malicious Bazaar Package Metadata and README

SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious package authors to inject arbitrary HTML and JavaScript. Attackers can achieve remote code execution on any user browsing the Bazaar by embedding XSS payloads in package displayName, description, or README fields, exploiting Electron's nodeIntegration setting to execute OS commands.

Metrics

  • CVSS v4.0: 9.4
  • Severity: CRITICAL
  • Fixed in: 3.6.1
  • Affected Products: 1


HarborGuard Analysis

Synopsis

A cross-site scripting (XSS) to remote code execution vulnerability affects SiYuan, a note-taking application built on Electron, in versions before 3.6.1. The vulnerability is reachable over the network and requires no authentication; a user must browse the Bazaar marketplace while a malicious package is listed there. Successful exploitation gives the attacker full remote code execution on the victim's host by abusing Electron's nodeIntegration setting to run arbitrary OS commands. A patched-image rebuild at version 3.6.1 is available on HarborGuard for affected environments.
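The two conditions the synopsis combines, package text rendered as markup and a renderer that can reach Node.js, can each be checked on their own. The block below is an added example, not SiYuan's code or its 3.6.1 patch: the field names `displayName` and `description` come from the advisory, while the function names and card markup are hypothetical. It covers plain-text metadata only; README content that must keep formatting needs an allowlist HTML sanitizer, which is not shown.

```javascript
// Added illustration; not SiYuan source code and not the 3.6.1 patch.
// Function names and the card markup are hypothetical.

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode every character that can open a tag, an attribute value or an entity.
function escapeHtml(value) {
  return String(value ?? '').replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Build marketplace card markup with all package-controlled text encoded,
// so author-supplied metadata is displayed as text instead of parsed as HTML.
function renderPackageCard(pkg) {
  return '<div class="card">' +
    `<h3>${escapeHtml(pkg.displayName)}</h3>` +
    `<p>${escapeHtml(pkg.description)}</p>` +
    '</div>';
}

// Report Electron webPreferences that let script in a renderer reach Node.js
// or weaken renderer isolation. The keys are real BrowserWindow webPreferences
// options; only explicit risky values are flagged, which assumes a current
// Electron release where the defaults are the safe ones.
function auditWebPreferences(prefs = {}) {
  const findings = [];
  if (prefs.nodeIntegration === true) findings.push('nodeIntegration enabled');
  if (prefs.contextIsolation === false) findings.push('contextIsolation disabled');
  if (prefs.sandbox === false) findings.push('sandbox disabled');
  if (prefs.webSecurity === false) findings.push('webSecurity disabled');
  return findings;
}

// Constructed sample input: a listing whose metadata fields carry markup.
const samplePackage = {
  displayName: '<img src=x onerror="alert(1)">',
  description: 'Theme & <b>icons</b>',
};

console.log(renderPackageCard(samplePackage));
console.log(auditWebPreferences({ nodeIntegration: true, contextIsolation: false }));
```

Either control alone narrows the impact: encoded metadata never becomes script, and a renderer without Node.js access keeps an injected script from reaching OS commands.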

HarborGuard Coverage

Detection (Available)

Detection of CVE-2026-56395 is available across every HarborGuard environment; the CVE is ingested from upstream advisory feeds within minutes of publication and matched against customer images in registries, CI/CD pipelines, and custom-built images derived from SiYuan base layers.

Triage (Available)

HarborGuard scores this CVE at 9.4 CRITICAL using the CVSS v4.0 vector and weights findings against each environment's compliance policy to determine urgency and routing, surfacing alerts to the appropriate team inbox within each customer organization.

Patch (Available)

A patched-image rebuild at SiYuan 3.6.1 is available on HarborGuard for any environment running an affected version. For customers who opt into auto-remediation, HarborGuard triggers a rebuild, runs a regression test suite, and opens a pull request against affected workloads automatically.

Exploit Conditions

  • Network reachability: Required

    The attacker must serve a malicious Bazaar package reachable over the internet; the victim's SiYuan client fetches and renders the payload when browsing the marketplace.

  • Authentication: Not required

    No account or credentials are needed; any unauthenticated attacker can publish a malicious package to the Bazaar marketplace.

  • Victim interaction: Required

    The victim must open the Bazaar marketplace in SiYuan and browse to or load a listing that contains the injected XSS payload.

  • Attack complexity: Detail

    The exploit is reliable and condition-free once the malicious package is listed; no race conditions or special memory-layout requirements are involved.

Blast Radius

  • Attacker executes arbitrary OS commands on the victim's host via Electron's nodeIntegration, gaining full control of the local process.
  • All files and credentials accessible to the SiYuan process can be read, exfiltrated, or destroyed.
  • The attacker can modify persisted notes, configuration files, and any data stored in the SiYuan workspace.
  • Compromise extends beyond the local system boundary because the CVSS v4.0 vector records high impact on subsequent-system confidentiality, integrity, and availability, meaning lateral movement or supply-chain abuse is within scope.

How HarborGuard Handles This

Available on HarborGuard: detection triggers within minutes of advisory ingestion for any image derived from a SiYuan base layer older than 3.6.1, covering both registry-resident images and images built inline in CI pipelines. For customers who opt into auto-remediation, HarborGuard rebuilds the image at version 3.6.1, runs a regression test suite, and opens a pull request against affected workloads; for CRITICAL-severity issues the median time from CVE publication to merged patch PR is around 90 minutes in environments with auto-remediation enabled. Where compliance policy requires manual approval, the rebuilt image at 3.6.1 is staged and a triage alert is routed to the designated team inbox. As a compensating control prior to patching, network policy rules that restrict SiYuan container egress to known-good endpoints can reduce exposure to malicious Bazaar content being fetched and rendered.


Fix available: 3.6.1

Affected packages

  • SiYuan / SiYuan
    < 3.6.1 (from 0)
    Fixed in 3.6.1

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H