SiYuan Vulnerable to Remote Code Execution via Malicious Bazaar Package — Marketplace XSS · GHSA-v3mg-9v85-fcm7 · GitHub Advisory Database

SiYuan Vulnerable to Remote Code Execution via Malicious Bazaar Package — Marketplace XSS

Moderate severity GitHub Reviewed Published Mar 14, 2026 in siyuan-note/siyuan • Updated Mar 16, 2026

Give feedback on Dependabot alerts