CVE-2026-32749 is a vulnerability classified under CWE-73 (External Control of File Name or Path) and CWE-22 (Path Traversal) affecting SiYuan, a personal knowledge management system. In versions 3.6.0 and earlier, the application’s import endpoints (/api/import/importSY and /api/import/importZipMd) accept uploaded archive files and write them to disk using a path derived directly from the multipart filename field without proper sanitization or validation. This lack of sanitization allows an authenticated admin user to craft filenames containing path traversal sequences or absolute paths, enabling them to write files outside the designated temporary directory. Such arbitrary file write capabilities can overwrite critical workspace or application files, potentially leading to remote code execution if system or application binaries/scripts are replaced. The threat is exacerbated in Docker container environments where SiYuan runs as root, as this grants attackers full control over the container. The vulnerability does not require user interaction but does require administrative privileges, limiting exploitation to trusted users or compromised admin accounts. The issue was publicly disclosed on March 19, 2026, with a CVSS v3.1 score of 7.6 (high severity), reflecting its significant impact on integrity and moderate impact on confidentiality, with no impact on availability. The vulnerability has been addressed in SiYuan version 3.6.1 by implementing proper filename sanitization and path validation to prevent directory traversal and arbitrary file writes.

The vulnerability allows attackers with admin privileges to overwrite arbitrary files on the host system, leading to potential remote code execution and full compromise of the SiYuan application environment. In containerized deployments, especially Docker containers running as root (a common default), this can result in complete container takeover, enabling attackers to execute arbitrary commands, escalate privileges, and persist within the environment. Data integrity is at high risk due to possible overwriting of workspace files, application binaries, or configuration files, which can cause data loss, application malfunction, or backdoor implantation. Confidentiality impact is moderate since the attacker must already have admin access, but the ability to execute code can lead to further lateral movement or data exfiltration. Availability impact is low as the vulnerability does not directly cause denial of service but could indirectly disrupt services if critical files are overwritten. Organizations relying on SiYuan for knowledge management may face operational disruption, data loss, and increased risk of broader compromise if this vulnerability is exploited.

1. Immediate upgrade to SiYuan version 3.6.1 or later, which includes the fix for this vulnerability through proper filename sanitization and path validation. 2. Restrict administrative access to trusted personnel only and enforce strong authentication mechanisms to reduce risk of admin account compromise. 3. Avoid running SiYuan containers as root; instead, configure containers to run under a non-root user to limit the impact of potential exploits. 4. Implement file integrity monitoring on critical application and system files to detect unauthorized modifications. 5. Employ network segmentation and access controls to limit exposure of SiYuan’s API endpoints to only necessary internal networks or VPNs. 6. Regularly audit and monitor logs for suspicious file upload activities or unusual admin operations. 7. If upgrading immediately is not feasible, consider disabling or restricting access to the vulnerable import endpoints as a temporary workaround. 8. Conduct security awareness training for administrators on the risks of file upload vulnerabilities and safe handling of privileged operations.