
CVE-2026-32750: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in siyuan-note siyuan

Severity: Medium
Tags: Vulnerability, CVE-2026-32750, cwe-22, cwe-552
Published: Thu Mar 19 2026 (03/19/2026, 21:15:32 UTC)
Source: CVE Database V5
Vendor/Project: siyuan-note
Product: siyuan

Description

CVE-2026-32750 is a path traversal vulnerability in SiYuan personal knowledge management system versions 3.6.0 and below. It occurs because the localPath parameter in the POST /api/import/importStdMd endpoint is passed without validation, allowing recursive reading of arbitrary files on the host. These files are imported into the workspace database and become accessible to all workspace users, including Publish Service Reader accounts. When combined with a separate SQL injection vulnerability (renderSprig), non-admin users can read all imported secrets without additional privileges. The vulnerability is fixed in version 3.6.1. It has a CVSS score of 6.

AI-Powered Analysis

AI analysis last updated: 03/20/2026, 01:54:29 UTC

Technical Analysis

CVE-2026-32750 is a path traversal vulnerability identified in the SiYuan personal knowledge management system, specifically affecting versions prior to 3.6.1. The vulnerability arises from insufficient validation of the localPath parameter in the POST /api/import/importStdMd API endpoint. This parameter is directly passed to the function model.ImportFromLocalPath, which recursively reads all files under the specified path and imports their contents into the SiYuan workspace database as note documents. Because there is no restriction or sanitization on the path input, an attacker with at least some privileges can specify arbitrary filesystem paths, causing the application to read and import sensitive files from the host system. These imported files become searchable and accessible to all users within the workspace, including those with Publish Service Reader roles, which normally have limited access. Furthermore, when combined with a separate SQL injection vulnerability (renderSprig), a non-administrative user can exploit this path traversal to read all imported secrets without requiring additional privileges. The vulnerability impacts confidentiality severely, as sensitive data can be exposed to unauthorized users. The issue was addressed and fixed in SiYuan version 3.6.1. The CVSS v3.1 base score is 6.8, reflecting network attack vector, low attack complexity, high privileges required, no user interaction, and a scope change with high confidentiality impact but no integrity or availability impact. No public exploits have been reported yet, but the vulnerability poses a significant risk if chained with other flaws.

Potential Impact

The primary impact of this vulnerability is unauthorized disclosure of sensitive data stored on the host system running SiYuan. Attackers with access to the vulnerable API can import arbitrary files into the workspace database, making confidential information accessible to all workspace users, including those with limited privileges. This can lead to leakage of secrets, credentials, or proprietary documents. The combination with a separate SQL injection vulnerability further escalates the risk by enabling non-admin users to extract all imported secrets without additional permissions. Organizations using SiYuan versions prior to 3.6.1 face risks of data breaches, insider threat exploitation, and potential compliance violations due to exposure of sensitive information. Although the vulnerability does not affect system integrity or availability directly, the confidentiality breach can have severe consequences, including intellectual property loss, reputational damage, and regulatory penalties. The absence of known exploits in the wild currently reduces immediate risk, but the ease of exploitation given network access and low complexity makes timely patching critical.

Mitigation Recommendations

To mitigate this vulnerability, organizations should immediately upgrade SiYuan to version 3.6.1 or later, where the issue is fixed. If upgrading is not immediately feasible, restrict access to the POST /api/import/importStdMd endpoint to trusted users only and implement network-level controls such as IP whitelisting or VPN access to limit exposure. Additionally, apply strict input validation and sanitization on the localPath parameter to prevent path traversal attempts. Monitor workspace database contents for unexpected or unauthorized imported files. Review and patch the related renderSprig SQL injection vulnerability to prevent combined exploitation. Employ role-based access controls to minimize privileges of users who can access import functionality and workspace data. Conduct regular audits and logging of import operations to detect suspicious activity. Finally, educate users and administrators about the risks of importing files from untrusted paths and enforce secure configuration management practices.
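As an added illustration of the input validation the recommendation above calls for (example code, not SiYuan's own; the function name, the import root and the sample inputs are assumptions), the following Go check binds a user-supplied localPath to a fixed import directory and rejects anything that would resolve outside it:

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrOutsideRoot is returned when the requested path would escape the import root.
var ErrOutsideRoot = errors.New("localPath resolves outside the permitted import root")

// resolveImportPath is a hypothetical helper (not SiYuan's code). It treats
// localPath as relative to importRoot, rejects absolute inputs outright, and
// re-checks the cleaned, joined result with filepath.Rel so that ".." segments
// cannot climb above the root. It is a lexical check only: if the import root
// may contain untrusted symlinks, additionally open files via os.Root (Go 1.24+)
// or resolve them with filepath.EvalSymlinks before reading.
func resolveImportPath(importRoot, localPath string) (string, error) {
	if localPath == "" {
		return "", errors.New("localPath must not be empty")
	}
	if filepath.IsAbs(localPath) || strings.HasPrefix(localPath, "/") {
		return "", ErrOutsideRoot
	}
	root, err := filepath.Abs(importRoot)
	if err != nil {
		return "", err
	}
	joined := filepath.Join(root, localPath) // Join also cleans the result
	rel, err := filepath.Rel(root, joined)
	if err != nil {
		return "", err
	}
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrOutsideRoot
	}
	return joined, nil
}

func main() {
	// Constructed inputs: one legitimate import and two that try to leave the root.
	for _, in := range []string{"docs/notes", "../../outside/secret.txt", "/outside/secret.txt"} {
		p, err := resolveImportPath("/srv/siyuan/import", in)
		fmt.Printf("%-28q -> path=%q err=%v\n", in, p, err)
	}
}
```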


Technical Details

Data Version: 5.2
Assigner Short Name: GitHub_M
Date Reserved: 2026-03-13T18:53:03.531Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 69bca5a4e32a4fbe5f143348

Added to database: 3/20/2026, 1:40:52 AM

Last enriched: 3/20/2026, 1:54:29 AM

Last updated: 3/20/2026, 2:44:12 AM
