CVE-2026-44649

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, SillyTavern accepts Remote-User Authelia and X-Authentik-Username Authentik HTTP headers to...

CVE-2026-44651

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, when fetchurl throws, the code sends: res.status500.send'Error occurred while trying to proxy to:...

CVE-2026-44650

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, POST /api/extensions/delete endpoint accepts extensionName: "." which bypasses sanitize-filename...

EUVD-2026-33405

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, when fetchurl throws, the code sends: res.status500.send'Error occurred while trying to proxy to:...

CVE-2026-44651 SillyTavern: Reflected XSS vulnerability in the CORS proxy middleware

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, when fetchurl throws, the code sends: res.status500.send'Error occurred while trying to proxy to:...

CVE-2026-44651

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, when fetchurl throws, the code sends: res.status500.send'Error occurred while trying to proxy to:...

CVE-2026-44651 SillyTavern: Reflected XSS vulnerability in the CORS proxy middleware

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, when fetchurl throws, the code sends: res.status500.send'Error occurred while trying to proxy to:...

CVE-2026-44650 SillyTavern: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, POST /api/extensions/delete endpoint accepts extensionName: "." which bypasses sanitize-filename...

EUVD-2026-33404

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, POST /api/extensions/delete endpoint accepts extensionName: "." which bypasses sanitize-filename...

CVE-2026-44650

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, POST /api/extensions/delete endpoint accepts extensionName: "." which bypasses sanitize-filename...

CVE-2026-44650

CVE-2026-44650 affects SillyTavern (local UI for LLMs) where the POST /api/extensions/delete endpoint accepts extensionName: "." and bypasses sanitize-filename validation. This causes path traversal that deletes the entire user extensions directory (and potentially the global extensions dir) with...

CVE-2026-44648

CVE-2026-44648 affects SillyTavern where authentication relies on cookie-session, storing session data in a signed client cookie. Prior to version 1.18.0, endpoints POST /api/users/change-password and POST /api/users/recover-step2 only update the password hash and do not expire existing sessions,...

CVE-2026-44648 SillyTavern: Existing sessions are not invalidated after password change, allowing session reuse and account takeover

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, SillyTavern relies on cookie-session for authentication, storing all session data user handle,...

EUVD-2026-33401

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, SillyTavern accepts Remote-User Authelia and X-Authentik-Username Authentik HTTP headers to...

CVE-2026-44652 SillyTavern: SSRF vulnerability in the CORS proxy middleware

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, corsProxyMiddleware forwards req.params.url directly into fetchurl, .... It only blocks circular...

EUVD-2026-33399

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, corsProxyMiddleware forwards req.params.url directly into fetchurl, .... It only blocks circular...

CVE-2026-44652

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, corsProxyMiddleware forwards req.params.url directly into fetchurl, .... It only blocks circular...

CVE-2026-44652

SillyTavern is affected by an SSRF in the optional CORS proxy middleware (corsProxyMiddleware). Before version 1.18.0, it forwards req.params.url directly into fetch(url, ...) without enforcing a destination allowlist or blocking private/loopback targets, enabling an attacker-controlled URL to re...

CVE-2026-44652 SillyTavern: SSRF vulnerability in the CORS proxy middleware

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, corsProxyMiddleware forwards req.params.url directly into fetchurl, .... It only blocks circular...

SillyTavern 跨站脚本漏洞

SillyTavern is a frontend interface for the SillyTavern open-source language model. Versions of SillyTavern prior to 1.18.0 had a cross-site scripting vulnerability. This vulnerability occurred when the fetchurl function was called, causing the code to send error responses containing a URL value...