🚨 CVE-2026-33669: SiYuan (<3.6.2) has a CRITICAL out-of-bounds read flaw (CVSS 9.8). No auth/user interaction needed — remote attackers can leak sensitive memory. Upgrade to 3.6.2 ASAP! https://radar.offseq.com/threat/cve-2026-33669-cwe-125-out-of-bounds-read-in-siyua-064aace2 #OffSeq #Vulnerability #SiYuan #Cybersecurity

🚨 CRITICAL: CVE-2026-33670 in SiYuan (<3.6.2) lets remote attackers exploit /api/file/readDir for path traversal, exposing sensitive files. Patch to 3.6.2+ ASAP! Details: https://radar.offseq.com/threat/cve-2026-33670-cwe-22-improper-limitation-of-a-pat-0880f67a #OffSeq #vuln #infosec #SiYuan

⚠️ CVE-2026-32767: SiYuan (<3.6.1) has a CRITICAL SQL injection flaw in /api/search/fullTextSearchBlock. Any authenticated user can run SQL, risking full data compromise. Upgrade to 3.6.1+ ASAP. https://radar.offseq.com/threat/cve-2026-32767-cwe-89-improper-neutralization-of-s-8a5766fd #OffSeq #SiYuan #SQLInjection #Vuln

From Obsidian to SiYuan: Why Your Homelab Needs a Database, Not Just Notes 📚💻

As a system analyst, I’ve always been obsessed with structuring chaos. For years, Obsidian was my go-to "Second Brain." It’s powerful, but as my Homelab expanded, I realized I didn't just need notes — I needed a living documentation engine that I could access via web from any device in my network.

I’ve tested the whole spectrum: Docmost, Trillium, and AFFiNE.

- AFFiNE is beautiful (Notion + Miro vibes), but its "infinite canvas" often leads to visual chaos. It's great for sketching a network topology, but terrible when you need to find a specific CLI command via Ctrl+F.
- SiYuan changed the game for me. It’s currently at the heart of my local stack.

Why SiYuan is the "Final Boss" of Self-Hosted Note-taking:

1. Block-Level Granularity (JSON Power): 🧩
Unlike standard Markdown, SiYuan assigns a unique ID to every single paragraph and list item. This allows for transclusion—you can pull a specific VPN setup instruction into five different guides, and when you update the original, it updates everywhere.
2. The SQL Killer-Feature: ⚡
This is where it turns into a professional CMDB (Configuration Management Database). I don't manually track my 50+ Docker containers in a table. I just add custom attributes to my service notes:

custom-ip: 192.168.1.10
custom-port: 8080

Then, I use a native SQL query on my Dashboard to automatically generate a real-time "Service Matrix." If I change a port in a note, the master table updates itself. No more IP conflicts.

3. Performance & Sovereignty: 🛡️

- Resource Efficiency: While AFFiNE is a bit of a resource hog, SiYuan is incredibly light, idling at just 31MB in my Docker container.
- No Vendor-Lock: Even though it uses .sy (JSON) files for its advanced logic, the export to Markdown is flawless and can be automated via Kernel API.

The Verdict:
If you have 3-4 services, stick to Obsidian. But if you’re running a Proxmox cluster with complex networking, you need a tool that speaks SQL.

Don't let your documentation become legacy hardware. Give it a database-driven brain.

What about you? Are you a "pure Markdown" purist, or have you embraced the power of block-based databases like SiYuan or Notion? How do you track your Homelab inventory?

#SelfHosted #Homelab #SiYuan #Obsidian #KnowledgeManagement #SQL #SysAdmin #Documentation #TechStack #Privacy #OpenSource