CVE-2026-32750: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in siyuan-note siyuan
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, POST /api/import/importStdMd passes the localPath parameter directly to model.ImportFromLocalPath with zero path validation. The function recursively reads every file under the given path and permanently stores their content as SiYuan note documents in the workspace database, making them searchable and accessible to all workspace users. Data persists in the workspace database across restarts and is accessible to Publish Service Reader accounts. Combined with the renderSprig SQL injection (separate advisory), a non-admin user can then read all imported secrets without any additional privileges. This issue has been fixed in version 3.6.1.
AI Analysis
Technical Summary
CVE-2026-32750 is a path traversal vulnerability in the SiYuan note-taking and knowledge management system, affecting versions prior to 3.6.1. The POST /api/import/importStdMd API endpoint accepts a localPath parameter and passes it directly to the internal function model.ImportFromLocalPath with no path validation or sanitization. An authenticated caller with the privileges needed to invoke the import (high privileges required) can therefore specify arbitrary filesystem paths. ImportFromLocalPath recursively reads every file under the specified path and stores the contents in the SiYuan workspace database as note documents. The imported documents are then searchable and accessible to all users within the workspace, including Publish Service Reader accounts, which otherwise have read-only access. Because the data persists across restarts, sensitive files such as configuration files, credentials, or other secrets stored on the host can be exfiltrated indirectly through the application interface. Combined with the separate renderSprig SQL injection vulnerability, a non-admin user can read all imported secrets without further privileges. The vulnerability does not affect data integrity or availability but poses a significant confidentiality risk. It was fixed in SiYuan version 3.6.1 by validating the path and restricting unauthorized file imports. The CVSS v3.1 base score is 6.8, reflecting a network attack vector, low attack complexity, high privileges required, no user interaction, and a scope change because the exposed data reaches beyond the vulnerable component.
Potential Impact
This vulnerability allows attackers with authenticated access to read arbitrary files on the host system by importing them into the SiYuan workspace database. The confidentiality of sensitive data such as credentials, configuration files, or proprietary documents can be compromised. Because imported data is accessible to all workspace users, including read-only roles, the attack surface extends beyond the initial privileged user. The persistence of data across restarts increases the window for data exfiltration. Combined with the renderSprig SQL injection vulnerability, even non-admin users can exploit this flaw to access sensitive information, significantly increasing the risk of insider threats or lateral movement within organizations. Organizations using SiYuan for knowledge management may face data leakage, intellectual property theft, or exposure of secrets that could facilitate further attacks. The vulnerability does not impact system integrity or availability directly but undermines trust in the confidentiality of the knowledge management system.
Mitigation Recommendations
Upgrade SiYuan to version 3.6.1 or later, where this vulnerability is fixed with proper path validation. Until upgrading, restrict access to the /api/import/importStdMd endpoint to trusted administrators only, minimizing the number of users who can invoke the import functionality. Implement strict access controls and monitoring on workspace user roles, especially limiting Publish Service Reader accounts to only necessary users. Employ network segmentation and firewall rules to restrict access to the SiYuan service from untrusted networks. Conduct regular audits of imported documents in the workspace database to detect any suspicious or unexpected content. Additionally, review and patch the related renderSprig SQL injection vulnerability to prevent combined exploitation. Consider deploying application-layer firewalls or runtime application self-protection (RASP) solutions to detect and block path traversal attempts. Finally, educate users about the risks of importing files from untrusted paths and enforce secure operational procedures.
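The root cause described above is a user-supplied localPath reaching model.ImportFromLocalPath unchecked, and the fix named under the recommendations is path validation before that call. The following is an added example of such a check, written for this page; it is not SiYuan's own code or its actual 3.6.1 fix. The import root /srv/siyuan/import, the function names ConfineImportPath and AuditImportBodies, and the sample request bodies are assumptions constructed for the example.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrOutsideImportRoot is returned when a requested localPath escapes the allowed root.
var ErrOutsideImportRoot = errors.New("localPath resolves outside the allowed import root")

// ConfineImportPath lexically confines a user-supplied localPath to importRoot.
// Relative paths are resolved against the root; absolute paths must already lie
// inside it. It returns the cleaned absolute path or an error.
// Hypothetical helper written for this example, not SiYuan's own code.
func ConfineImportPath(importRoot, requested string) (string, error) {
	if strings.TrimSpace(requested) == "" {
		return "", errors.New("localPath must not be empty")
	}
	root, err := filepath.Abs(importRoot)
	if err != nil {
		return "", err
	}
	var candidate string
	if filepath.IsAbs(requested) {
		candidate = filepath.Clean(requested)
	} else {
		candidate = filepath.Join(root, requested) // Join also collapses ".." segments
	}
	// Rel yields the path from root to candidate; a result beginning with ".."
	// means the candidate is not beneath the root. Using Rel instead of a plain
	// string prefix avoids accepting a sibling directory such as "/srv/siyuan/import2".
	rel, err := filepath.Rel(root, candidate)
	if err != nil {
		return "", ErrOutsideImportRoot
	}
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrOutsideImportRoot
	}
	return candidate, nil
}

// importRequest mirrors the one JSON field of the endpoint body that the advisory names.
type importRequest struct {
	LocalPath string `json:"localPath"`
}

// AuditImportBodies parses captured request bodies of the importStdMd endpoint and
// reports, for each, whether its localPath would be accepted under importRoot.
// This is the same check applied after the fact, for reviewing request logs.
func AuditImportBodies(importRoot string, bodies []string) []string {
	verdicts := make([]string, 0, len(bodies))
	for _, body := range bodies {
		var req importRequest
		if err := json.Unmarshal([]byte(body), &req); err != nil {
			verdicts = append(verdicts, "malformed body")
			continue
		}
		if _, err := ConfineImportPath(importRoot, req.LocalPath); err != nil {
			verdicts = append(verdicts, "denied: "+err.Error())
			continue
		}
		verdicts = append(verdicts, "allowed")
	}
	return verdicts
}

func main() {
	const root = "/srv/siyuan/import" // assumed import root, not a SiYuan default
	// Constructed sample bodies, not captured traffic.
	bodies := []string{
		`{"localPath": "notes/2026"}`,
		`{"localPath": "../../other-workspace"}`,
		`{"localPath": "/home/other/notes"}`,
		`{"localPath": "/srv/siyuan/import2/notes"}`,
		`{}`,
		`not json`,
	}
	for i, v := range AuditImportBodies(root, bodies) {
		fmt.Printf("%s -> %s\n", bodies[i], v)
	}
}
```

The check is purely lexical: it does not resolve symbolic links, so a deployment that allows symlinks under the import root should also pass the existing candidate through filepath.EvalSymlinks and re-run the same Rel comparison on the result. Path confinement complements, rather than replaces, the role check the recommendations call for: the endpoint should still be reachable only by trusted administrators.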
Affected Countries
United States, China, Germany, Japan, South Korea, United Kingdom, France, Canada, Australia, India
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-03-13T18:53:03.531Z
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 69bca5a4e32a4fbe5f143348
Added to database: 3/20/2026, 1:40:52 AM
Last enriched: 3/27/2026, 6:48:24 PM
Last updated: 5/3/2026, 3:14:02 PM