CVE-2026-45375 | SiYuan up to 3.6.5 Setting plugin.json cross site scripting (GHSA-27qc-m5gf-jv5r)

A vulnerability was found in SiYuan up to 3.6.5. It has been classified as problematic. This vulnerability affects unknown code of the file plugin.json of the component Setting Handler. The manipulation leads to cross site scripting.

This vulnerability is listed as CVE-2026-45375. The attack may be initiated remotely. There is no available exploit.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More