CVE-2026-33067

Severity: Medium · Public PoC

Published: 20 March 2026
Modified: 23 March 2026
CVSS v4 score: 5.3 (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS score: 0.0055 (41.7th percentile)
Risk priority: 35 (floored blend · peak EPSS)

Summary

CVE-2026-33067 is a medium-severity Cross-site Scripting (CWE-79) vulnerability in B3Log Siyuan. Its CVSS base score is 5.3 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203). The CVE ranks at the 41.7th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-15 (Information Output Filtering).

Deeper analysis

CVE-2026-33067 is a cross-site scripting (XSS) vulnerability (CWE-79) in SiYuan, a personal knowledge management system built on Electron. Versions 3.6.0 and prior render package metadata fields, such as displayName and description, using template literals without proper HTML escaping. This allows injected arbitrary HTML and JavaScript to execute when users access the Bazaar marketplace page. The vulnerability carries a CVSS v3.1 base score of 9.0 (AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H).

A malicious package author with low privileges can exploit this by embedding malicious payloads in the affected metadata fields of a package published to the Bazaar marketplace. Any SiYuan user who browses the Bazaar page triggers automatic execution of the injected JavaScript. Due to SiYuan's Electron configuration enabling nodeIntegration: true and contextIsolation: false, the XSS escalates to full remote code execution (RCE) on the victim's operating system, requiring no further interaction beyond opening the marketplace tab.

The GitHub Security Advisory (GHSA-mvpm-v6q4-m2pf) confirms the issue has been addressed in SiYuan version 3.6.1. Security practitioners should urge users to update to 3.6.1 or later and avoid browsing untrusted packages in the Bazaar until patched.

Vulnerability details

SiYuan is a personal knowledge management system. Versions 3.6.0 and below render package metadata fields (displayName, description) using template literals without HTML escaping. A malicious package author can inject arbitrary HTML/JavaScript into these fields, which executes automatically when any user browses the Bazaar page. Because SiYuan's Electron configuration enables nodeIntegration: true with contextIsolation: false, this XSS escalates directly to full Remote Code Execution on the victim's operating system, with zero user interaction beyond opening the marketplace tab. This issue has been fixed in version 3.6.1.
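The render defect described in the deeper analysis and the advisory text above, shown as an added example that is not SiYuan's own code: a marketplace card built from package metadata with a bare template literal, beside the same card with every untrusted field HTML-escaped first. The package objects and the card markup are constructed for illustration.

```javascript
// Minimal HTML escaper for text content and double-quoted attribute values.
// Order matters: '&' must be replaced first so later entities are not double-encoded.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Vulnerable pattern (the class of bug in the advisory): metadata fields are
// interpolated straight into markup, so any tag in displayName/description
// becomes live DOM in the renderer.
function renderCardUnsafe(pkg) {
  return `<div class="card">
  <h3>${pkg.displayName}</h3>
  <p>${pkg.description}</p>
</div>`;
}

// Hardened pattern: identical layout, but every untrusted field is escaped
// at the point of interpolation, so markup is rendered as literal text.
function renderCardSafe(pkg) {
  return `<div class="card">
  <h3>${escapeHtml(pkg.displayName)}</h3>
  <p>${escapeHtml(pkg.description)}</p>
</div>`;
}

// Constructed sample metadata: one benign package, one whose fields carry markup.
const benignPackage = {
  displayName: "Daily Notes",
  description: "Quick capture of notes.",
};
const hostilePackage = {
  displayName: "Notes <script>alert(1)</script>",
  description: "5 > 3 & \"quotes\"",
};

// Simple check a reviewer can run over rendered output: is an unescaped
// <script> tag still present after rendering?
function containsRawScriptTag(html) {
  return /<script\b/i.test(html);
}

console.log(containsRawScriptTag(renderCardUnsafe(hostilePackage))); // true
console.log(containsRawScriptTag(renderCardSafe(hostilePackage)));   // false
```

Escaping closes the injection itself; the Electron settings the advisory names (nodeIntegration, contextIsolation) determine how far a surviving injection can reach, so both belong in the fix.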

Related Threats

MITRE ATT&CK Enterprise Techniques

T1203 Exploitation for Client Execution (Execution): Adversaries may exploit software vulnerabilities in client applications to execute code.
T1059 Command and Scripting Interpreter (Execution): Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.

Why these techniques?

XSS in an Electron client app with nodeIntegration enabled directly enables client-side exploitation for arbitrary code execution (T1203); the resulting RCE allows use of command and script interpreters (T1059).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-33066 (same product: B3Log Siyuan)
CVE-2026-32751 (same product: B3Log Siyuan)
CVE-2026-29183 (same product: B3Log Siyuan)
CVE-2026-34605 (same product: B3Log Siyuan)
CVE-2026-40322 (same product: B3Log Siyuan)
CVE-2026-34585 (same product: B3Log Siyuan)
CVE-2026-39846 (same product: B3Log Siyuan)
CVE-2026-34448 (same product: B3Log Siyuan)
CVE-2026-23852 (same product: B3Log Siyuan)
CVE-2026-34449 (same product: B3Log Siyuan)

Affected Assets

b3log siyuan ≤ 3.6.1

Mitigating Controls (NIST 800-53 r5)

SI-15 Information Output Filtering (prevent): Prevents XSS attacks by filtering untrusted package metadata outputs such as displayName and description before they are rendered on the Bazaar page via template literals.

SI-10 Information Input Validation (prevent): Validates package metadata inputs from the Bazaar marketplace to block malicious HTML/JavaScript injections by package authors.

Flaw remediation (prevent): Addresses the vulnerability through timely patching, such as applying the fix implemented in SiYuan version 3.6.1.