CVE-2026-29073 | SiYuan up to 3.5.x /api/query/sql authorization

Inserito da Angelo Barbosa | Mar 6, 2026 | CVE

A vulnerability classified as problematic has been found in SiYuan up to 3.5.x. Affected is an unknown function of the file /api/query/sql. Performing a manipulation results in missing authorization.

This vulnerability is known as CVE-2026-29073. Remote exploitation of the attack is possible. No exploit is available.

It is recommended to upgrade the affected component.

CVE-2026-29073 | SiYuan up to 3.5.x /api/query/sql authorization

Post correlati

CVE-2025-57425 | SourceCodester FAQ Management System 1.0 update-faq.php question/answer cross site scripting

CVE-2023-48719 | Project Worlds Student Result Management System 1.0 add_students.php roll_no sql injection

CVE-2025-14106 | ZSPACE Q2C NAS up to 1.1.0210050 HTTP POST Request /v2/file/safe/close zfilev2_api.CloseSafe safe_dir command injection

CVE-2026-2065 | Flycatcher Toys smART Pixelator 2.0 Bluetooth Low Energy Interface missing authentication