A vulnerability was found in SiYuan up to 3.6.x and classified as critical . This affects the function model.Conf.Save of the file /api/graph/getGraph . Executing a manipulation can lead to improper authorization. This vulnerability is tracked as CVE-2026-45371 . The attack can be launched remotely. No exploit exists. It is suggested to upgrade the affected component.