CVE-2026-32749: CWE-73: External Control of File Name or Path in siyuan-note siyuan
CVE-2026-32749 is a high-severity vulnerability in the SiYuan personal knowledge management system, versions 3.6.0 and below. It involves improper sanitization of file paths in two API endpoints that handle uploaded archives, allowing an admin user to write files to arbitrary locations outside the intended temporary directory. This flaw can lead to remote code execution (RCE) by overwriting critical system or application files. In Docker containers running as root, exploitation results in full container compromise. The vulnerability does not require user interaction but does require admin privileges. It has been fixed in version 3.6.1.
AI Analysis
Technical Summary
CVE-2026-32749 is a vulnerability classified under CWE-73 (External Control of File Name or Path) and CWE-22 (Path Traversal) affecting SiYuan, a personal knowledge management system. Versions 3.6.0 and earlier contain a flaw in the POST /api/import/importSY and POST /api/import/importZipMd endpoints, which accept uploaded archive files. These endpoints derive the file write path directly from the multipart filename field without proper sanitization or validation. This allows an authenticated admin user to craft filenames containing path traversal sequences or absolute paths, enabling them to write files outside the designated temporary directory. Such arbitrary file writes can overwrite critical workspace or application files, potentially leading to remote code execution (RCE). The risk is especially severe in Docker container deployments running as root, a common default configuration, where successful exploitation grants full container compromise. The vulnerability has a CVSS 3.1 base score of 7.6, indicating high severity: the attack vector is the network, attack complexity is low, privileges (admin) are required, no user interaction is needed, and scope is changed. No known exploits are reported in the wild yet. The issue was fixed in SiYuan version 3.6.1 by implementing proper path sanitization and validation to prevent directory traversal and arbitrary file writes.
Potential Impact
The vulnerability allows an authenticated admin user to write files to arbitrary locations on the host system, which can lead to overwriting critical application or workspace files, causing data loss or corruption. More critically, it enables remote code execution by placing malicious files in system or application paths, potentially allowing attackers to execute arbitrary commands. In containerized environments, especially Docker containers running as root, exploitation can lead to full container compromise, allowing attackers to control the container environment, escalate privileges, and potentially pivot to the host system or other network resources. This poses significant risks to confidentiality, integrity, and availability of organizational data and services. Organizations relying on SiYuan for knowledge management, especially those deploying it in containerized or production environments, face risks of operational disruption, data destruction, and unauthorized access.
Mitigation Recommendations
Organizations should immediately upgrade SiYuan to version 3.6.1 or later, where the vulnerability is patched. Until upgrading, restrict admin access to trusted personnel only and monitor for suspicious activity related to file uploads. Implement network segmentation and container security best practices, such as running containers with least privilege (non-root users) to limit the impact of potential exploitation. Employ file integrity monitoring to detect unauthorized changes to critical files. Additionally, review and harden API access controls to ensure only authorized users can perform import operations. Consider deploying Web Application Firewalls (WAFs) with rules to detect and block path traversal attempts. Regularly audit container configurations and logs for signs of compromise. Finally, maintain up-to-date backups of workspace and application data to enable recovery in case of data destruction.
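The technical analysis above describes the root cause (a write path derived directly from the multipart filename) and the mitigation describes the fix in general terms (path sanitization and validation). The following Go program is an added illustration written for this page; it is not SiYuan's code and does not reproduce the project's actual patch. `UnsafeUploadPath` shows why joining a client-supplied name onto a directory is not enough, since `filepath.Join` resolves `..` components, and `SafeUploadPath` shows one hardened alternative that only ever produces a direct child of the temporary directory. The directory and file names in `main` are constructed samples.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrUnsafeFilename is returned for any client-supplied name that must not be
// used to build a write path.
var ErrUnsafeFilename = errors.New("unsafe upload filename")

// UnsafeUploadPath is the pattern the advisory describes: the write path is
// derived straight from the multipart filename. filepath.Join cleans the
// result, so ".." components are resolved and the path can leave tmpDir.
// Shown only for contrast; do not use.
func UnsafeUploadPath(tmpDir, clientName string) string {
	return filepath.Join(tmpDir, clientName)
}

// SafeUploadPath accepts only a bare file name and returns a path that is
// guaranteed to be a direct child of tmpDir. It rejects empty names, NUL
// bytes, any path separator (so "../", "/abs" and "..\" never reach Join),
// the special names "." and "..", and drive-letter prefixes such as "C:".
// As defence in depth it re-checks that the joined path is inside tmpDir
// even though the earlier checks already make escape impossible.
func SafeUploadPath(tmpDir, clientName string) (string, error) {
	if clientName == "" || strings.ContainsRune(clientName, 0) {
		return "", ErrUnsafeFilename
	}
	if strings.ContainsAny(clientName, `/\:`) {
		return "", ErrUnsafeFilename
	}
	if clientName == "." || clientName == ".." {
		return "", ErrUnsafeFilename
	}
	absTmp, err := filepath.Abs(tmpDir)
	if err != nil {
		return "", err
	}
	dest := filepath.Join(absTmp, clientName)
	// Containment check: the relative path from tmpDir to dest must not
	// start with "..", otherwise dest lies outside tmpDir.
	rel, err := filepath.Rel(absTmp, dest)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrUnsafeFilename
	}
	return dest, nil
}

func main() {
	// Constructed sample directory and filenames, not taken from any real request.
	tmpDir := "/tmp/siyuan-import"
	samples := []string{"notes.sy.zip", "../../outside.zip", "/etc/hostname", `..\..\outside.zip`, ".."}
	for _, name := range samples {
		unsafe := UnsafeUploadPath(tmpDir, name)
		safe, err := SafeUploadPath(tmpDir, name)
		fmt.Printf("%-22q unsafe=%-24q safe=%q err=%v\n", name, unsafe, safe, err)
	}
}
```

In a real handler the validated path would be used with the `multipart.FileHeader` obtained from `r.FormFile`, and the endpoint would additionally restrict the accepted extensions to the archive types it expects and keep the existing admin-role check in front of it. Rejecting rather than silently stripping directory components is deliberate: a filename that carries a path is never legitimate for these endpoints, and a hard failure is easier to log and alert on than a quietly rewritten name.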
Affected Countries
United States, China, Germany, Japan, South Korea, United Kingdom, France, Canada, Australia, India
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-03-13T18:53:03.531Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 69bc698ee32a4fbe5ffae0a4
Added to database: 3/19/2026, 9:24:30 PM
Last enriched: 3/27/2026, 7:33:27 PM
Last updated: 5/2/2026, 7:40:25 AM
Views: 116