🚨 SiYuan <3.6.4 has a CRITICAL stored XSS bug — malicious notes can trigger remote code execution in the desktop app. Upgrade to 3.6.4 now. Details: radar.offseq.com/threat/cve-2026-39846-cw... #OffSeq #SiYuan #security
SiYuan (<3.6.2) hit by CRITICAL XSS (CVSS 9.1) — attackers can escalate to OS command execution! Patch to 3.6.2+ & harden Electron configs now. Details: radar.offseq.com/threat/cve-2026-34448-cw... #OffSeq #SiYuan #XSS
SiYuan (<3.6.2) hit by CRITICAL RCE (CVE-2026-34449): Malicious sites can inject OS-level code via CORS flaw. Upgrade to 3.6.2+ now! radar.offseq.com/threat/cve-2026-34449-cw... #OffSeq #SiYuan #Security
CRITICAL out-of-bounds read in SiYuan (<3.6.2) enables remote, unauthenticated data compromise. Patch to 3.6.2 now to secure your data. radar.offseq.com/threat/cve-2026-33669-cw... #OffSeq #Vulnerability #SiYuan
CRITICAL: SiYuan (<3.6.2) hit by CVE-2026-33670 path traversal bug — remote attackers can access files outside notebooks. Upgrade to 3.6.2+ immediately. Info: radar.offseq.com/threat/cve-2026-33670-cw... #OffSeq #SiYuan #security
SiYuan <3.6.1 hit by CRITICAL SQL injection (CVE-2026-32767): low-priv users can run any SQL via /api/search/fullTextSearchBlock. Upgrade to 3.6.1+ ASAP! radar.offseq.com/threat/cve-2026-32767-cw... #OffSeq #SiYuan #SQLInjection
@stepan
I settled on #SiYuan
It seems quirky to start (maybe not if you used another KMS) I only used #Obsidian
I am quite happy about it.
Running it with Podman too.
Getting to like the #SiYuan knowledge management system.
Bonus:
#markdown text is superbly rendered.
E.g. You can copy-pasta AI summaries you want to locally keep.
Downside:
- You can insert PDF documents (after you install a widget, which is easy)
- You can NOT insert HTML documents […]
Ok.
So this is a perfect example of how to get the #LLM to #Vibecode gud.
I have wanted two instances of SiYuan. My efforts to do the obvious things to clone one from the other were failing (I had two instances but they were still interconnected somehow - in hindsight internal podman network […]
ok so it seems like they are transitioning to some new system, while also somehow keeping the old one (?)
#logseq has a lot of open issues, most of them don't seem to get resolved. On Android, I can only use backspace to delete blocks if I use GBoard or Samsung Keboard - no FOSS keyboard :((
And […]
The best thing about #SiYuan knowledge management system?
IT NATIVELY ACCEPTS COPY/PASTA MARKUP #AI REPORTS!
So, you can build a local repo of all your makina content without burning additional forests and draining rivers !!!
(Last report took 40minutes on pro plan 0_o)
So, one of the problems with #SiYuan knowledge management system is...
90% of the plugins are in Chinese.
Oh well, opportunity to go full on #Firefly
真沒耐性的佛祖 ・ Jen mei NAI-shing duh FWO-tzoo
Final Verdict... Im pretty happy with #SiYuan Knowledge management system. Happy enough to give it a whirl.
Easy to set up, and has some nice features.
As an aside... Its nice to see some SOLID Software come out of Peoples Republic of China.
If anyone cares... #SiYuan #NginX Seems rock solid stable now 😀
# === Essential Headers ===
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
# === Database Stability Timeouts ===
proxy_read_timeout 3600s […]
Prompt: Search for #NginX advanced proxy settings for stability of #SiYuan database. LIMIT SEARCH TO CHINESE LANGUAGE ONLY.
Yes... Ai is useless. No utility at all. None whatsover. Useless stochastic parrot. Bullshit machine.
#Deathstare
Addendum: #siyuan is buggy as fuckery out of the box. My attempts to build the knowledge base constantly ruined.
To be fair, the Moloch thinks it's due to the #NPM (NginX proxy manager) timeouts and store permissions.
But, we will persevere for now.
So far... I am liking #SiYuan #Zettlekasten system. Unlike #obsidian its build for network hosting use.
Istallation was a breeze.
My major gripe, and I guess it goes to all systems like this is document conversion. But then I guess, they are NOT a document management system.
Discover SiYuan: #Privacy-First Knowledge Management System 🧠
🔒 #SiYuan offers #privacy-first personal #knowledgemanagement with fine-grained block-level references
📝 Features #Markdown WYSIWYG editing with list outlining and block zoom-in capabilities
🧵 👇 #ai #opensource #cms
Hi all. Latest #PKM Weekly (15-Feb-25) is live:
@tana.inc Office hours and Skills
@capacities.bsky.social release
#Logseq Group views
@obsidian.md Updates and alternatives
#Anytype Updates (lots of them)
#Heptabase Task view
@noteey.bsky.social & #SiYuan updates
Many thanks as always👇
#pkmweekly
