SiYuan: Authorization Bypass Allows Low-Privilege Publish User to Modify Notebook Content via /api/block/appendHeadingChildren in github.com/siyuan-note/siyuan/kernel
{
"review_status": "UNREVIEWED",
"url": "https://pkg.go.dev/vuln/GO-2026-4658"
}