Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GO-2026-5001
  • Go/github.com/siyuan-note/siyuan/kernel
 SiYuan Bazaar marketplace renders unescaped package `name` and `version` metadata, allowing stored XSS and Electron code execution in github.com/siyuan-note/siyuan/kernel 20 May
  • No fix available
GHSA-27qc-m5gf-jv5r
  • Go/github.com/siyuan-note/siyuan/kernel
 SiYuan Bazaar marketplace renders unescaped package `name` and `version` metadata, allowing stored XSS and Electron code execution 13 May
  • No fix available
  • Severity - 9.0 (Critical)