vulnerability

SUSE: CVE-2025-21609: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:L/Au:N/C:N/I:C/A:C)	Jan 3, 2025	Jan 13, 2025	Dec 5, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:C/A:C)

Published

Jan 3, 2025

Added

Jan 13, 2025

Modified

Dec 5, 2025

Description

SiYuan is self-hosted, open source personal knowledge management software. SiYuan Note version 3.1.18 has an arbitrary file deletion vulnerability. The vulnerability exists in the `POST /api/history/getDocHistoryContent` endpoint. An attacker can craft a payload to exploit this vulnerability, resulting in the deletion of arbitrary files on the server. Commit d9887aeec1b27073bec66299a9a4181dc42969f3 fixes this vulnerability and is expected to be available in version 3.1.19.

Solution

suse-upgrade-govulncheck-vulndb

References

CVE-2025-21609
https://attackerkb.com/topics/CVE-2025-21609
CWE-459
CWE-552

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today