CVE-2026-32747: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in siyuan-note siyuan
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the globalCopyFiles API reads source files using filepath.Abs() with no workspace boundary check, relying solely on util.IsSensitivePath() whose blocklist omits /proc/, /run/secrets/, and home directory dotfiles. An admin can copy /proc/1/environ or Docker secrets into the workspace and read them via the standard file API. An admin can exfiltrate any file readable by the SiYuan process that falls outside the incomplete blocklist. In containerized deployments this includes all injected secrets and environment variables - a common pattern for passing credentials to containers. The exfiltrated files are then accessible via the standard workspace file API and persist until manually deleted. This issue has been fixed in version 3.6.1.
AI Analysis
Technical Summary
CVE-2026-32747 is a path traversal vulnerability classified under CWE-22 and CWE-184 affecting SiYuan, a personal knowledge management system, in versions 3.6.0 and earlier. The vulnerability arises from the globalCopyFiles API, which uses filepath.Abs() to resolve file paths but fails to enforce strict workspace boundary checks. Instead, it relies on a blocklist implemented by util.IsSensitivePath(), which incompletely filters sensitive paths, omitting critical directories such as /proc/, /run/secrets/, and home directory dotfiles. An attacker with administrative privileges can exploit this flaw to copy arbitrary files from outside the workspace into it, including sensitive files like /proc/1/environ and Docker container secrets. Since containerized deployments commonly inject secrets and environment variables as files in these directories, this vulnerability enables exfiltration of credentials and sensitive data accessible to the SiYuan process. The copied files remain accessible through the standard workspace file API and persist until manually deleted, increasing the risk of data leakage. The vulnerability does not require user interaction but does require administrative privileges. It has a CVSS v3.1 base score of 6.8, reflecting a medium severity with high confidentiality impact but no integrity or availability impact. The issue was addressed in SiYuan version 3.6.1 by improving path validation and boundary enforcement.
Potential Impact
This vulnerability allows an attacker with administrative access to SiYuan to bypass intended file access restrictions and exfiltrate sensitive files from the host system or container environment. The confidentiality of critical data such as environment variables, Docker secrets, and system information can be compromised. In containerized environments, where secrets are often mounted as files, this can lead to leakage of credentials used for database access, cloud services, or other sensitive integrations. The persistence of exfiltrated files in the workspace increases the window of exposure and potential for further unauthorized access. While exploitation requires admin privileges, the impact on confidentiality is high, potentially enabling lateral movement or privilege escalation if secrets are reused elsewhere. Organizations relying on SiYuan for knowledge management, especially in DevOps or cloud-native deployments, face increased risk of sensitive data exposure and subsequent operational or reputational damage.
Mitigation Recommendations
The primary mitigation is to upgrade SiYuan to version 3.6.1 or later, where the vulnerability has been fixed by enforcing proper workspace boundary checks and improving path validation logic. Administrators should audit existing workspaces for any suspicious or unexpected files copied from outside the workspace and remove them. Implement strict access controls to limit administrative privileges to trusted personnel only, reducing the risk of exploitation. In containerized deployments, avoid mounting sensitive secrets in locations accessible by SiYuan or isolate SiYuan processes with minimal permissions. Employ runtime monitoring to detect unusual file access patterns or copying activities. Additionally, consider implementing file integrity monitoring on workspace directories to alert on unauthorized file additions. Regularly review and update blocklists or allowlists for sensitive paths to ensure comprehensive coverage. Finally, educate administrators about the risks of path traversal vulnerabilities and the importance of timely patching.
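The two checks the analysis contrasts, a prefix blocklist layered on filepath.Abs() versus an enforced workspace boundary, are easy to confuse because both start from an absolute path. The Go program below is an added example written for this page; it is not SiYuan's globalCopyFiles or util.IsSensitivePath, and the workspace root, the blocklist prefixes and the function names are constructed for illustration. BlocklistOnly reproduces the weak pattern (anything not on the list is allowed through), while ResolveInsideWorkspace shows the boundary check a fix needs: relative sources anchored at the workspace root, containment tested with filepath.Rel rather than a string prefix, and a second pass over the symlink-resolved path for files that exist on disk.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

var (
	ErrSensitivePath    = errors.New("source path is on the sensitive-path blocklist")
	ErrOutsideWorkspace = errors.New("source path resolves outside the workspace")
)

// Hypothetical blocklist standing in for the pattern the advisory describes
// (not SiYuan's util.IsSensitivePath). A fixed prefix list is never complete:
// anything not listed (/proc/, /run/secrets/, ~/.ssh/ ...) is allowed through.
var sensitivePrefixes = []string{"/etc/", "/root/", "/var/lib/"}

// BlocklistOnly mirrors the weak pattern: filepath.Abs() plus a prefix
// blocklist, with no check that the source lies inside the workspace.
func BlocklistOnly(src string) (string, error) {
	abs, err := filepath.Abs(src)
	if err != nil {
		return "", err
	}
	for _, p := range sensitivePrefixes {
		if strings.HasPrefix(abs, p) {
			return "", ErrSensitivePath
		}
	}
	return abs, nil // /proc/1/environ passes: it is simply not on the list
}

// insideRoot reports whether candidate is root itself or a descendant of it.
// filepath.Rel is used instead of a string prefix so that /ws2 is not
// mistaken for a child of /ws.
func insideRoot(root, candidate string) bool {
	rel, err := filepath.Rel(root, candidate)
	if err != nil {
		return false
	}
	return rel != ".." && !strings.HasPrefix(rel, ".."+string(filepath.Separator))
}

// ResolveInsideWorkspace is the hardened form: relative sources are anchored
// at the workspace root, the cleaned path is checked lexically, and, when the
// file exists, symlinks are resolved and the real path is checked again so a
// link placed inside the workspace that points at /run/secrets/... is rejected.
func ResolveInsideWorkspace(workspace, src string) (string, error) {
	root, err := filepath.Abs(workspace)
	if err != nil {
		return "", err
	}
	if !filepath.IsAbs(src) {
		src = filepath.Join(root, src)
	}
	abs := filepath.Clean(src)
	if !insideRoot(root, abs) {
		return "", ErrOutsideWorkspace
	}
	// Symlink-aware pass: only possible for paths that exist on disk.
	resolved, err := filepath.EvalSymlinks(abs)
	if err != nil {
		return abs, nil // lexical check passed; nothing on disk to resolve yet
	}
	realRoot, err := filepath.EvalSymlinks(root)
	if err != nil {
		return "", err
	}
	if !insideRoot(realRoot, resolved) {
		return "", ErrOutsideWorkspace
	}
	return resolved, nil
}

func main() {
	const ws = "/srv/siyuan/workspace" // assumed workspace root, constructed for this example
	for _, src := range []string{
		ws + "/data/notes.md",
		"/proc/1/environ",
		"../../run/secrets/db_password",
		"/srv/siyuan/workspace2/other.md",
	} {
		_, weakErr := BlocklistOnly(src)
		_, strongErr := ResolveInsideWorkspace(ws, src)
		fmt.Printf("%-36s blocklist-only: %v | boundary check: %v\n", src, weakErr, strongErr)
	}
}
```

Running main prints one line per constructed source path: the blocklist accepts /proc/1/environ and the sibling-directory path, while the boundary check rejects every path that is not at or below the workspace root. The lexical pass is what matters for paths supplied by an API caller; the symlink pass covers the case where the workspace itself already contains a link out of it.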
Affected Countries
United States, China, Germany, Japan, South Korea, United Kingdom, France, Canada, Australia, Netherlands
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-03-13T18:53:03.531Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 69bc698ee32a4fbe5ffae09f
Added to database: 3/19/2026, 9:24:30 PM
Last enriched: 3/19/2026, 9:40:29 PM
Last updated: 5/1/2026, 11:30:35 PM