SiYuan is a personal knowledge management application built on Electron. Versions up to 3.6.0 render package metadata fields such as displayName and description using JavaScript template literals without applying HTML escaping or sanitization. This improper neutralization of input (CWE-79) allows a malicious package author to craft metadata containing arbitrary HTML or JavaScript code. When a user opens the Bazaar page to browse packages, the injected script executes automatically. Critically, SiYuan's Electron environment is configured with nodeIntegration set to true and contextIsolation set to false, which removes typical sandbox protections and allows the injected script to access Node.js APIs. This configuration enables the XSS to escalate directly to full remote code execution on the victim's operating system. The attack requires no user interaction beyond opening the Bazaar tab, making it highly dangerous. The vulnerability was assigned CVE-2026-33067 and fixed in version 3.6.1 by properly escaping or sanitizing metadata fields before rendering. The CVSS 4.0 vector indicates network attack vector, low attack complexity, no privileges required, no user interaction, and low scope impact, resulting in a medium severity rating. No public exploits have been reported yet.

This vulnerability allows attackers to execute arbitrary code on the victim's machine by injecting malicious scripts into package metadata. Since SiYuan runs on Electron with nodeIntegration enabled and contextIsolation disabled, the attacker gains full access to the underlying operating system, potentially leading to complete system compromise. The attack requires only that the victim open the Bazaar marketplace tab, which is a common user action, increasing the risk of exploitation. Organizations using SiYuan for knowledge management could face data theft, unauthorized system access, malware deployment, or lateral movement within networks. The impact extends beyond confidentiality to integrity and availability, as attackers can manipulate or destroy data and disrupt operations. Although no known exploits are reported, the ease of exploitation and severity of consequences make this a significant threat for users of affected versions.

Upgrade SiYuan to version 3.6.1 or later, where the vulnerability is fixed by proper HTML escaping of package metadata fields. Until upgrading, users should avoid opening the Bazaar marketplace tab or installing packages from untrusted sources. Electron applications should be configured with nodeIntegration disabled and contextIsolation enabled to reduce the risk of similar vulnerabilities escalating to remote code execution. Developers should implement strict input validation and output encoding for all user-controllable data rendered in the UI. Network-level controls such as restricting access to the Bazaar marketplace or sandboxing the application environment can provide additional defense layers. Monitoring for unusual process behavior or network activity originating from SiYuan may help detect exploitation attempts.