CVE-2026-23852: CWE-94: Improper Control of Generation of Code ('Code Injection') in siyuan-note siyuan
CVE-2026-23852 is a medium severity stored Cross-Site Scripting (XSS) vulnerability in the SiYuan personal knowledge management system, affecting versions prior to 3.5.4. It allows attackers to inject arbitrary HTML attributes into the `icon` attribute of a block via the `/api/attr/setBlockAttrs` API. The injected payload is rendered unsanitized by the dynamic icon feature, leading to stored XSS and, in the desktop environment, potential remote code execution (RCE). This vulnerability bypasses a previous fix for a similar issue. No exploits are known in the wild yet. The vulnerability has a CVSS 4.0 base score of 5.8, reflecting medium severity.
AI Analysis
Technical Summary
CVE-2026-23852 is a stored Cross-Site Scripting (XSS) vulnerability classified under CWE-94 (Improper Control of Generation of Code, i.e., code injection) affecting the SiYuan personal knowledge management system. The vulnerability exists in versions prior to 3.5.4 and arises from insufficient sanitization of user-supplied input in the `icon` attribute of blocks. Attackers can use the `/api/attr/setBlockAttrs` API endpoint to inject arbitrary HTML attributes into the icon attribute. When the dynamic icon feature renders this attribute, it does so in an unsanitized context, allowing the stored XSS payload to execute in the victim's environment. In the desktop application, this XSS can escalate to remote code execution (RCE), enabling an attacker to run arbitrary code on the victim's machine. This vulnerability bypasses a previous fix (issue #15970) that attempted to address a similar XSS-to-RCE vector via dynamic icons, indicating incomplete remediation. The vulnerability is remotely exploitable without authentication and requires user interaction (e.g., viewing the affected block). The CVSS 4.0 vector indicates network attack vector, low attack complexity, no privileges required, user interaction required, and high scope impact on confidentiality, integrity, and availability. No public exploits are known at this time, but the potential for RCE in desktop environments elevates the risk. The vendor released version 3.5.4 with an updated fix that properly sanitizes the icon attribute input to prevent injection.
Potential Impact
For European organizations using SiYuan versions prior to 3.5.4, this vulnerability poses a significant risk, especially in environments where the desktop application is used. Successful exploitation can lead to stored XSS attacks that compromise user sessions, steal sensitive data, or perform actions on behalf of the user. More critically, in desktop environments, the vulnerability can escalate to remote code execution, allowing attackers to execute arbitrary code, potentially leading to full system compromise. This can result in data breaches, intellectual property theft, disruption of business operations, and lateral movement within networks. Given that SiYuan is a personal knowledge management system, the confidentiality and integrity of organizational knowledge bases are at risk. The medium CVSS score reflects the moderate ease of exploitation combined with the serious impact of RCE. Although no known exploits are currently reported, the presence of a bypass of a previous fix suggests attackers may develop exploits. European organizations with knowledge workers relying on SiYuan desktop clients should consider this a priority vulnerability to address to avoid compromise and data loss.
Mitigation Recommendations
1. Upgrade immediately to SiYuan version 3.5.4 or later, which contains the updated fix for this vulnerability; this is the most effective mitigation.
2. Until the upgrade is possible, restrict access to the `/api/attr/setBlockAttrs` API endpoint to trusted users and networks only, using network segmentation and access control lists.
3. Implement Content Security Policy (CSP) headers in web environments hosting SiYuan to reduce the impact of XSS payloads.
4. Educate users to avoid opening untrusted or suspicious SiYuan blocks or documents, especially those containing dynamic icons.
5. Monitor application logs and network traffic for unusual API calls or injection attempts targeting the icon attribute.
6. Employ endpoint protection capable of detecting and blocking suspicious code execution on desktop clients.
7. Conduct internal audits to identify and remediate any injected payloads already present in stored blocks.
8. Coordinate with SiYuan support or vendor channels for any additional patches or security advisories.
These steps go beyond generic advice by focusing on API access control, user awareness specific to dynamic icons, and proactive detection of injection attempts.
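As an added example (not SiYuan's own code), the following Python implements recommendations 5 and 7 against the attribute-injection pattern described in the Technical Summary: an allowlist validator for the `icon` value, a check over a captured `/api/attr/setBlockAttrs` request body, and an audit over exported block attributes. The legitimate icon formats and the request-body shape are assumptions stated in the code.

```python
"""Defensive checks for the SiYuan block `icon` attribute (CVE-2026-23852).
Added example, not SiYuan's own code. Assumed (hypothetical) legitimate icon
formats: hex emoji codes such as "1f600" or "1f1e8-1f1f3", or an image file
name such as "custom.svg"; the setBlockAttrs body is assumed to be a JSON
object {"id": ..., "attrs": {...}}. Adjust both to your deployment."""
import json
import re
from typing import Optional

# Allowlist for the assumed legitimate icon formats (see docstring).
ICON_ALLOWLIST = re.compile(
    r"^(?:[0-9a-f]{4,6}(?:-[0-9a-f]{4,6})*|[\w-]+\.(?:svg|png|gif|jpe?g|webp))$", re.I)
# Characters that let a value escape a quoted HTML attribute and smuggle in
# further attributes, which is the injection class the advisory describes.
ATTRIBUTE_BREAKOUT = re.compile(r"""["'<>=`\s]""")


def icon_is_safe(value) -> bool:
    """True only for string values that match the allowlist and contain no
    attribute break-out characters; anything else is rejected."""
    if not isinstance(value, str) or ATTRIBUTE_BREAKOUT.search(value):
        return False
    return ICON_ALLOWLIST.fullmatch(value) is not None


def flag_set_attrs_request(body: str) -> Optional[str]:
    """Inspect one captured /api/attr/setBlockAttrs JSON body (recommendation 5).
    Returns the offending icon value, or None if there is no icon attribute,
    the icon validates, or the body is not a JSON object."""
    try:
        attrs = json.loads(body).get("attrs")
    except (ValueError, AttributeError):
        return None
    icon = attrs.get("icon") if isinstance(attrs, dict) else None
    if icon is None or icon_is_safe(icon):
        return None
    return icon


def audit_stored_blocks(blocks: dict) -> list:
    """Return sorted IDs of blocks whose stored icon fails validation
    (recommendation 7). `blocks` maps block id -> attribute dict."""
    return sorted(bid for bid, attrs in blocks.items()
                  if "icon" in attrs and not icon_is_safe(attrs["icon"]))


# Constructed sample export, not real data; the second value closes the quote.
SAMPLE_BLOCKS = {
    "20260101120000-aaaaaaa": {"icon": "1f600"},
    "20260101120000-bbbbbbb": {"icon": 'folder.svg" data-x="y'},
    "20260101120000-ccccccc": {"title": "no icon set"},
}
```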
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Belgium, Italy, Spain
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-01-16T15:46:40.843Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 696e92284623b1157ccc1f42
Added to database: 1/19/2026, 8:20:56 PM
Last enriched: 1/19/2026, 8:35:34 PM
Last updated: 1/19/2026, 9:59:12 PM