Vulnerabilities

Report: Update: CVE-2026-40322 - SiYuan: Mermaid `javascript:` Link Injection Leads to Stored XSS and Electron RCE

2026-04-17 0 views admin
Report: Update: CVE-2026-40322 - SiYuan: Mermaid `javascript:` Link Injection Leads to Stored XSS and Electron RCE

CVE ID :CVE-2026-40322 Published : April 16, 2026, 11:16 p.m. | 1 hour, 52 minutes ago Description :SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and below, Mermaid diagrams are rendered with securityLevel set to

CVE Details

Published
April 16, 2026

🏷️ Tags

reportupdate40322siyuanmermaidjavascriptinjectionleadsstoredelectron

More from Vulnerabilities

Report: Update: CVE-2026-25107 - ELECOM Wireless LAN Access Point Device Cryptographic Key Weakness

Report: Update: CVE-2026-25107 - ELECOM Wireless LAN Access Point Device Cryptographic Key Weakness

2026-05-13 0
Report: CVE-2026-35506 - ELECOM Wireless LAN Access Point OS Command Injection Vulnerability

Report: CVE-2026-35506 - ELECOM Wireless LAN Access Point OS Command Injection Vulnerability

2026-05-13 0
Report: CVE-2026-40621 - ELECOM Wireless LAN Access Point Unauthenticated Access Vulnerability - Guide

Report: CVE-2026-40621 - ELECOM Wireless LAN Access Point Unauthenticated Access Vulnerability - Guide

2026-05-13 0
Report: CVE-2026-42062 - ELECOM Wireless LAN Access Point OS Command Injection Vulnerability

Report: CVE-2026-42062 - ELECOM Wireless LAN Access Point OS Command Injection Vulnerability

2026-05-13 0

Trending

1

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

2025-10-27 • 189 views
2

CVE-2025-43939: Dell Unity OS Command Injection (High)

2025-10-30 • 148 views
3

Google disputes false claims of massive Gmail data breach

2025-10-30 • 130 views
4

Microsoft: DNS outage impacts Azure and Microsoft 365 services

2025-10-30 • 88 views
5

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting

2025-11-25 • 81 views