SiYuan is a personal knowledge management system that, in versions 3.6.0 and below, contains a critical design flaw in its WebSocket endpoint (/ws). This endpoint accepts unauthenticated WebSocket connections if the URL parameters ?app=siyuan&id=auth&type=auth are present. This behavior was intended to keep the kernel alive on the login page but inadvertently allows any external client, including malicious websites, to establish a WebSocket connection without authentication. Due to the lack of Origin header validation, cross-origin WebSocket connections are permitted, enabling attackers to bypass same-origin policies. Once connected, the attacker receives all server push events in real-time, which include sensitive document metadata such as document titles, notebook names, file paths, and all CRUD (Create, Read, Update, Delete) operations performed by authenticated users. This leakage compromises confidentiality and user privacy by exposing internal note-taking activities. The vulnerability is classified under CWE-287 (Improper Authentication) and was assigned CVE-2026-32815. It has a CVSS 4.0 base score of 5.3, indicating medium severity. The issue was addressed and fixed in SiYuan version 3.6.1 by presumably enforcing proper authentication and Origin header validation on the WebSocket endpoint.

The vulnerability allows attackers to bypass authentication and silently monitor a victim's note-taking activities in real-time. This compromises the confidentiality of sensitive information such as document titles, notebook names, file paths, and user operations, potentially exposing intellectual property, personal data, or business secrets. Organizations using SiYuan for knowledge management risk data leakage without any direct compromise of the host system. Since the attack can be triggered via a malicious website through cross-origin WebSocket connections, users can be targeted through phishing or drive-by attacks. The integrity and availability of the system are not directly impacted, but the privacy breach can lead to reputational damage, loss of trust, and potential regulatory compliance issues. The vulnerability affects all users running SiYuan versions below 3.6.1, especially those who access the software in environments where malicious web content can be encountered.

Upgrade SiYuan to version 3.6.1 or later, where this vulnerability is fixed. If immediate upgrade is not possible, restrict access to the WebSocket endpoint by implementing network-level controls such as firewall rules that block external access to the local SiYuan instance, especially from untrusted networks. Disable or limit WebSocket connections from untrusted origins by configuring reverse proxies or web application firewalls to enforce Origin header validation. Educate users to avoid visiting untrusted or suspicious websites while running vulnerable versions of SiYuan. Consider running SiYuan in isolated environments or containers with strict network policies to limit exposure. Monitor network traffic for unusual WebSocket connections to the /ws endpoint. Finally, vendors should consider adding authentication and strict origin checks to all WebSocket endpoints to prevent similar issues in future releases.