CVE-2026-54158 | SiYuan up to 3.6.x AV File cross site scripting (GHSA-5xfx-xj4h-5p7r)

SecurityVulns

A vulnerability labeled as problematic has been found in SiYuan up to 3.6.x. Impacted is an unknown function of the component AV File Handler. Executing a manipulation can lead to cross site scripting.

This vulnerability is tracked as CVE-2026-54158. The attack can be launched remotely. No exploit exists.

The affected component should be upgraded.VulDB Recent EntriesRead More