CVE-2026-59855 - SiYuan: Store XSS To Rce via Asset.render
CVE ID :CVE-2026-59855 Published : July 9, 2026, 11:17 p.m. | 1 hour, 15 minutes ago Description :SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, Asset.render in app/src/asset/index.ts interpolates the unsanitized this.path value into HTML assigned to innerHTML,...