{"uuid": "53bea1f4-c919-4cf4-bf2b-2a2f2c09b72c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54069", "type": "seen", "source": "https://gist.github.com/alon710/4e3f9aded7567695df7a9de4278d2ca5", "content": "# CVE-2026-54069: CVE-2026-54069: Authentication Bypass in SiYuan Note via Origin Header Spoofing\n\n&gt; **CVSS Score:** 9.1\n&gt; **Published:** 2026-07-10\n&gt; **Full Report:** https://cvereports.com/reports/CVE-2026-54069\n\n## Summary\nCVE-2026-54069 is a critical authentication bypass vulnerability in the SiYuan Note personal knowledge management system. The flaw is located in the HTTP server's middleware handling API authorization, which unconditionally trusts requests carrying a 'chrome-extension://' scheme in the Origin HTTP header, granting administrative access without validating API tokens.\n\n## TL;DR\nA flaw in SiYuan Note's authorization middleware permits remote and local attackers to bypass authentication entirely by presenting a crafted Origin header starting with 'chrome-extension://'.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-346\n- **Attack Vector**: Network\n- **CVSS Score**: 9.1 (Critical)\n- **EPSS Score**: 0.00607\n- **Exploit Status**: poc\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- SiYuan Note Kernel\n- **SiYuan Note**: &lt; 3.7.0 (Fixed in: `3.7.0`)\n\n## Mitigation\n\n- Upgrade to version 3.7.0 or later\n- Ensure application binds strictly to localhost (127.0.0.1)\n- Restrict browser extensions in environments where desktop client runs\n\n**Remediation Steps:**\n1. Verify the current running version of the SiYuan Note kernel.\n2. Download and install version 3.7.0 or newer from the official GitHub release page.\n3. Update internal configuration files to bind services exclusively to loopback network interfaces.\n\n## References\n\n- [GitHub Security Advisory GHSA-hvr9-72v2-fff3](https://github.com/siyuan-note/siyuan/security/advisories/GHSA-hvr9-72v2-fff3)\n- [NVD - CVE-2026-54069](https://nvd.nist.gov/vuln/detail/CVE-2026-54069)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-54069) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-07-11T04:12:19.280241Z"}