CVE-2026-59853: CWE-862: Missing Authorization in siyuan-note siyuan
SiYuan versions prior to 3.7.1 contain a missing authorization vulnerability in the /api/storage/getCriteria endpoint. This endpoint returns saved search criteria without applying the publish-access…
Read the full article1d agoen


Comments
Sign in to join the conversation.
No comments yet. Be the first.