CVE-2026-40259
Published: 16 April 2026
Summary
CVE-2026-40259 is a high-severity Improper Authorization (CWE-285) vulnerability in B3Log Siyuan. Its CVSS base score is 8.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The vulnerability ranks at the 7.5th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-24 (Access Control Decisions) and AC-3 (Access Enforcement).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5) [AI]
- Enforces approved authorizations before deleting attribute view files, preventing publish-service RoleReader tokens from performing unauthorized deletions.
- Applies least privilege to restrict RoleReader accounts from accessing destructive endpoints like removeUnusedAttributeView, blocking exploitation by low-privilege users.
- Authorizes access to workspace attribute view resources only by roles with write privileges, ensuring delete operations require appropriate permissions.
MITRE ATT&CK Enterprise Techniques [AI]
Why these techniques?
The vulnerability in the public API endpoint allows low-privileged authenticated users to delete arbitrary attribute view files without authorization checks, directly enabling exploitation of the public-facing application (T1190) and data destruction (T1485).
NVD Description
SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and below, the /api/av/removeUnusedAttributeView endpoint is protected only by generic authentication that accepts publish-service RoleReader tokens. The handler passes a caller-controlled id directly to a model function that unconditionally deletes the corresponding attribute view file from the workspace without verifying that the caller has write privileges or that the target attribute view is actually unused. An authenticated publish-service reader can permanently delete arbitrary attribute view definitions by extracting publicly exposed data-av-id values from published content, causing breakage of database views and workspace rendering until manually restored. This issue has been fixed in version 3.6.4.
Deeper analysis [AI]
CVE-2026-40259 affects SiYuan, an open-source personal knowledge management system, in versions 3.6.3 and prior. The vulnerability resides in the /api/av/removeUnusedAttributeView endpoint, which is protected only by generic authentication accepting publish-service RoleReader tokens. The endpoint handler directly passes a caller-controlled id to a model function that unconditionally deletes the corresponding attribute view file from the workspace, without verifying the caller's write privileges or confirming the attribute view is unused. This improper authorization flaw, mapped to CWE-285, carries a CVSS v3.1 base score of 8.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H).
An attacker with authenticated access as a publish-service reader can exploit this by extracting publicly exposed data-av-id values from published content and submitting them to the vulnerable endpoint. This enables permanent deletion of arbitrary attribute view definitions across the workspace, disrupting database views and rendering functionality until manual restoration by an administrator.
The issue has been addressed in SiYuan version 3.6.4, as detailed in the project's release notes and GitHub security advisory GHSA-7m5h-w69j-qggg. Security practitioners should upgrade to the patched version and review access controls for publish-service roles to mitigate risks.
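The handler flaw described above, as an added illustration that is not SiYuan's own code: a toy Go model of the unconditional delete beside a version that makes the authorization decision (AC-24/AC-3) and the "unused" check before touching storage. Role, Workspace, NewWorkspace and the av-* ids are assumed names and constructed data, not identifiers from the project.

```go
package main

import (
	"errors"
	"fmt"
)

// Role models the two caller classes the advisory distinguishes (names are assumptions).
type Role int
const (
	RoleReader Role = iota // publish-service reader token: read-only
	RoleEditor             // workspace account with write privileges
)
// Workspace is a constructed stand-in for attribute view storage: AttrViews marks
// ids whose file exists, InUse marks ids still referenced by some block.
type Workspace struct{ AttrViews, InUse map[string]bool }
var (
	ErrForbidden = errors.New("forbidden: write privilege required")
	ErrInUse     = errors.New("attribute view is still referenced")
)
// VulnerableRemove reproduces the flawed pattern: the caller-controlled id is
// deleted unconditionally, with neither a role check nor an "unused" check.
func VulnerableRemove(ws *Workspace, _ Role, id string) error {
	delete(ws.AttrViews, id)
	return nil
}
// HardenedRemove makes the authorization decision before the destructive step
// and only honours the request when the view is really unused.
func HardenedRemove(ws *Workspace, caller Role, id string) error {
	if caller != RoleEditor {
		return ErrForbidden // reader tokens never reach the delete path
	}
	if ws.InUse[id] {
		return ErrInUse // the endpoint promises "unused"; verify it
	}
	delete(ws.AttrViews, id) // deleting an unknown id is a harmless no-op
	return nil
}

// NewWorkspace builds constructed sample data: one view in use, one orphaned.
func NewWorkspace() *Workspace {
	return &Workspace{AttrViews: map[string]bool{"av-live": true, "av-orphan": true}, InUse: map[string]bool{"av-live": true}}
}

func main() {
	ws := NewWorkspace()
	fmt.Println("vulnerable, reader:", VulnerableRemove(ws, RoleReader, "av-live"), "still exists:", ws.AttrViews["av-live"])
	ws = NewWorkspace()
	fmt.Println("hardened, reader:", HardenedRemove(ws, RoleReader, "av-live"), "still exists:", ws.AttrViews["av-live"])
}
```

Running it shows the reader token silently removing the in-use view through the vulnerable path, while the hardened path refuses the reader and, even for an editor, refuses a view that is still referenced.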
Details
- CWE(s)