CVE-2026-54158 | SiYuan up to 3.6.x AV File cross site scripting (GHSA-5xfx-xj4h-5p7r)
A vulnerability labeled as problematic has been found in SiYuan up to 3.6.x. Impacted is an unknown function of the component AV File Handler. Executing a manipulation can lead to cross site scripting.
This vulnerability is tracked as CVE-2026-54158. The attack can be launched remotely. No exploit exists.
The affected component should be upgraded.VulDB Recent EntriesRead More