A vulnerability categorized as problematic has been discovered in SiYuan up to 3.6.0 . The impacted element is an unknown function of the component Setting Handler . Such manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2026-56397 . The attack can be launched remotely. No exploit exists. It is advisable to upgrade the affected component.