https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 29 Jun 2026 14:51:24 +0000 https://vulnerability.circl.lu/sighting/885b75b3-5832-4b92-9ed1-42858ebbc525/export {"uuid": "885b75b3-5832-4b92-9ed1-42858ebbc525", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-54158", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116808864665371066", "content": "CVE-2026-54158: CRITICAL XSS in SiYuan (<3.7.0) allows persistent JS injection; on Electron clients, can escalate to RCE. Upgrade to 3.7.0+ ASAP. No active exploits reported. https://radar.offseq.com/threat/cve-2026-54158-cwe-79-improper-neutralization-of-i-cee0850f8d1e1264 #OffSeq #XSS #CVE202654158 #SiYuan", "creation_timestamp": "2026-06-25T04:30:32.778489Z"} {"uuid": "885b75b3-5832-4b92-9ed1-42858ebbc525", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-54158", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116808864665371066", "content": "CVE-2026-54158: CRITICAL XSS in SiYuan (<3.7.0) allows persistent JS injection; on Electron clients, can escalate to RCE. Upgrade to 3.7.0+ ASAP. No active exploits reported. https://radar.offseq.com/threat/cve-2026-54158-cwe-79-improper-neutralization-of-i-cee0850f8d1e1264 #OffSeq #XSS #CVE202654158 #SiYuan", "creation_timestamp": "2026-06-25T04:30:32.778489Z"} https://vulnerability.circl.lu/sighting/885b75b3-5832-4b92-9ed1-42858ebbc525/export Thu, 25 Jun 2026 04:30:32 +0000 https://vulnerability.circl.lu/sighting/6af79742-7247-4389-a30a-21f22321b00f/export {"uuid": "6af79742-7247-4389-a30a-21f22321b00f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-54158", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mp3lttwe2q2w", "content": "SiYuan (<3.7.0) hit by CRITICAL XSS (CVE-2026-54158) enabling persistent JavaScript injection and possible RCE on Electron clients. Upgrade to 3.7.0+ immediately. Details: https://radar.offseq.com/threat/cve-2026-54158-cwe-79-improper-neutralization-of-i-cee0850f8d1e1264 #OffSeq #CVE202654158 #Si...", "creation_timestamp": "2026-06-25T04:30:29.289348Z"} {"uuid": "6af79742-7247-4389-a30a-21f22321b00f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-54158", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mp3lttwe2q2w", "content": "SiYuan (<3.7.0) hit by CRITICAL XSS (CVE-2026-54158) enabling persistent JavaScript injection and possible RCE on Electron clients. Upgrade to 3.7.0+ immediately. Details: https://radar.offseq.com/threat/cve-2026-54158-cwe-79-improper-neutralization-of-i-cee0850f8d1e1264 #OffSeq #CVE202654158 #Si...", "creation_timestamp": "2026-06-25T04:30:29.289348Z"} https://vulnerability.circl.lu/sighting/6af79742-7247-4389-a30a-21f22321b00f/export Thu, 25 Jun 2026 04:30:29 +0000 https://vulnerability.circl.lu/sighting/b77c8501-b4db-4547-9f1d-1b79fc189f5f/export {"uuid": "b77c8501-b4db-4547-9f1d-1b79fc189f5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54158", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp3cq5vxrr2t", "content": "CVE-2026-54158 - SiYuan: Stored XSS to RCE via attribute-view cell rendering in genAVValueHTML()\nCVE ID : CVE-2026-54158\n \n Published : June 24, 2026, 9:19 p.m. | 3\u00a0hours, 51\u00a0minutes ago\n \n Description : SiYuan is an open-source personal knowledge management system. Prior to 3...", "creation_timestamp": "2026-06-25T01:47:21.416738Z"} {"uuid": "b77c8501-b4db-4547-9f1d-1b79fc189f5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54158", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp3cq5vxrr2t", "content": "CVE-2026-54158 - SiYuan: Stored XSS to RCE via attribute-view cell rendering in genAVValueHTML()\nCVE ID : CVE-2026-54158\n \n Published : June 24, 2026, 9:19 p.m. | 3\u00a0hours, 51\u00a0minutes ago\n \n Description : SiYuan is an open-source personal knowledge management system. Prior to 3...", "creation_timestamp": "2026-06-25T01:47:21.416738Z"} https://vulnerability.circl.lu/sighting/b77c8501-b4db-4547-9f1d-1b79fc189f5f/export Thu, 25 Jun 2026 01:47:21 +0000