A vulnerability was found in siyuan-note SiYuan up to 3.7.0. It has been classified as problematic. The affected element is an unknown function of the file data/storage/criteria.json of the component Criteria Endpoint. Performing a manipulation results in information disclosure.

This vulnerability is identified as CVE-2026-59853. The attack can be initiated remotely. There is not any exploit available.