CVE-2026-40322 | SiYuan up to 3.6.3 Mermaid cross site scripting (GHSA-x63q-3rcj-hhp5)

A vulnerability marked as problematic has been reported in SiYuan up to 3.6.3. The impacted element is an unknown function of the component Mermaid Handler. This manipulation causes cross site scripting.

This vulnerability is handled as CVE-2026-40322. The attack can be initiated remotely. There is not any exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More