21 matches found

Vulnrichment
added 6 days ago, 4 views

CVE-2026-44651 SillyTavern: Reflected XSS vulnerability in the CORS proxy middleware

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, when fetch(url) throws, the code sends: res.status(500).send('Error occurred while trying to proxy to:...

CVSS 6.9, AI score 5.9, EPSS 0.00047
Exploits 0, References 1
CVE
added 6 days ago, 8 views

CVE-2026-44651

SillyTavern’s CVE-2026-44651 affects the CORS proxy middleware (src/middleware/corsProxy.js). Before version 1.18.0, when fetch(url) throws, the code writes a 500 error response that includes the attacker-controlled url directly in plain text: "Error occurred while trying to proxy to: " + url + …...

CVSS 6.9, AI score 5.9, EPSS 0.00047
Exploits 0, References 1
Cvelist
added 6 days ago, 22 views

CVE-2026-44652 SillyTavern: SSRF vulnerability in the CORS proxy middleware

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, corsProxyMiddleware forwards req.params.url directly into fetch(url, ...). It only blocks circular...

CVSS 6.9, EPSS 0.00013
Exploits 0, References 1
EUVD
added 6 days ago, 3 views

EUVD-2026-33399

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, corsProxyMiddleware forwards req.params.url directly into fetch(url, ...). It only blocks circular...

CVSS 6.9, AI score 5.8, EPSS 0.00013
Exploits 0, References 1
CVE
added 6 days ago, 6 views

CVE-2026-44652

SillyTavern is affected by an SSRF in the optional CORS proxy middleware (corsProxyMiddleware). Before version 1.18.0, it forwards req.params.url directly into fetch(url, ...) without enforcing a destination allowlist or blocking private/loopback targets, enabling an attacker-controlled URL to re...

CVSS 6.9, AI score 5.8, EPSS 0.00013
Exploits 0, References 1
CNNVD
added 6 days ago, 4 views

SillyTavern code issue vulnerability

SillyTavern is a frontend interface for the SillyTavern open-source language model. Versions of SillyTavern prior to 1.18.0 had code vulnerabilities. This vulnerability stemmed from the corsProxyMiddleware module, which directly forwarded req.params.url to fetch(url, ...). This allowed loop request...

CVSS 6.9, AI score 5.9, EPSS 0.00013
Exploits 0, References 1
Snyk
added 2026/05/12 10:24 p.m., 4 views

Server-side Request Forgery (SSRF)

Overview: sillytavern is a LLM Frontend for Power Users. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the corsProxyMiddleware function. An attacker can access internal network services or sensitive metadata endpoints by supplying a crafted URL to the GET...

CVSS 6.9, AI score 5.8, EPSS 0.00013
Exploits 0, References 2
Github Security Blog
added 2026/05/12 10:24 p.m., 9 views

SillyTavern has a SSRF vulnerability in the CORS proxy middleware

Resolution: SillyTavern 1.18.0 added a generic server-side request filter (Private Request Whitelisting). Since we expect users to use the application in a trusted environment, the filter is disabled by default; however, it is strongly advised to be enabled and properly configured when an instance is...

CVSS 6.9, AI score 5.8, EPSS 0.00013
Exploits 0, References 3, Affected Software 1
OSV
added 2026/05/12 10:23 p.m., 1 view

GHSA-XC4X-2452-5GC9 SillyTavern has a reflected XSS vulnerability in the CORS proxy middleware

Resolution: Fixed in SillyTavern 1.18.0: a user-provided URL is no longer reflected in the HTTP response body. Overview: Vulnerability Type: XSS; Affected Location: src/middleware/corsProxy.js:40; Trigger Scenario: reflected XSS in CORS proxy error response. Root Cause: When fetch(url) throws, the...

CVSS 6.9, AI score 6.1, EPSS 0.00047
Exploits 0, References 3
Snyk
added 2026/05/12 10:23 p.m., 6 views

Cross-site Scripting (XSS)

Overview: sillytavern is a LLM Frontend for Power Users. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the corsProxy file. An attacker can execute arbitrary JavaScript in the victim's browser and in the victim's context by injecting malicious content into the url...

CVSS 7.1, AI score 5.8, EPSS 0.00047
Exploits 0, References 2
Patchstack
added 2026/05/12 10:23 p.m., 4 views

NPM: SillyTavern has a reflected XSS vulnerability in the CORS proxy middleware

NPM: SillyTavern has a reflected XSS vulnerability in the CORS proxy middleware, discovered by ? in WordPress Npm sillytavern versions <= 1.17.0...

AI score 5.8, EPSS 0.00047
Exploits 0, References 3, Affected Software 1
Positive Technologies
added 2026/05/12 12:00 a.m., 5 views

PT-2026-40547

Name of the Vulnerable Software and Affected Versions: SillyTavern versions prior to 1.18.0. Description: SillyTavern is a locally installed user interface for interacting with large language models, image generation engines, and text-to-speech voice models. A reflected Cross-Site Scripting (XSS) issu...

CVSS 6.9, AI score 6, EPSS 0.00047
Exploits 0, References 5
Positive Technologies
added 2026/05/12 12:00 a.m., 3 views

PT-2026-40548

Name of the Vulnerable Software and Affected Versions: SillyTavern versions prior to 1.18.0. Description: SillyTavern is a locally installed user interface for interacting with large language models, image generation engines, and text-to-speech voice models. The corsProxyMiddleware function forwards...

CVSS 6.9, AI score 5.8, EPSS 0.00013
Exploits 0, References 5
GithubExploit
added 2025/12/06 12:36 a.m., 109 views

Exploit for Deserialization of Untrusted Data in Facebook React

RSC/Next.js RCE Vulnerability Detector & PoC Chrome Extensio...

CVSS 10, AI score 7, EPSS 0.82011
Exploits 372
OSSF Malicious Packages
added 2025/08/14 6:52 p.m., 2 views

Malicious code in cors-proxy-server (npm)

The package cors-proxy-server was found to contain malicious code.

AI score 7
Exploits 0
Hacker One
added 2022/04/14 3:58 a.m., 48 views

Uber: Full read SSRF in flyte-poc-us-east4.uberinternal.com

Uber summary TBD. @shubs and I discovered an instance of Flyte Console on uberinternal.com. After auditing the open source code, we noticed an unauthenticated route for a “CORS proxy”. This was a classic server-side request forgery issue, allowing us to pass an arbitrary request to be performed b...

CVSS 5, AI score 0.7, EPSS 0.81885
Exploits 0
OSV
added 2022/01/26 10:13 p.m., 55 views

GHSA-V82V-RQ72-PHQ9 Server side request forgery in @isomorphic-git/cors-proxy

The package @isomorphic-git/cors-proxy before 2.7.1 is vulnerable to Server-side Request Forgery (SSRF) due to missing sanitization and validation of the redirection action in middleware.js...

CVSS 8.6, AI score 8, EPSS 0.0029
Exploits 1, References 4
Github Security Blog
added 2022/01/26 10:13 p.m., 34 views

Server side request forgery in @isomorphic-git/cors-proxy

The package @isomorphic-git/cors-proxy before 2.7.1 is vulnerable to Server-side Request Forgery (SSRF) due to missing sanitization and validation of the redirection action in middleware.js...

CVSS 8.6, AI score 3.2, EPSS 0.0029
Exploits 1, References 4, Affected Software 1
CVE
added 2022/01/21 8:00 p.m., 48 views

CVE-2021-23664

CVE-2021-23664 affects @isomorphic-git/cors-proxy before 2.7.1. The vulnerability is Server-side Request Forgery (SSRF) due to missing sanitization and validation of the redirection action in middleware.js. Exploitation details and public disclosures are present in connected advisories (GHSA/Snyk...

CVSS 8.6, AI score 7.7, EPSS 0.0029
Exploits 1, References 2, Affected Software 1
CNNVD
added 2022/01/21 12:00 a.m., 2 views

isomorphic-git code issue vulnerability

isomorphic-git is a pure JavaScript implementation of open source git for node and browser environments including WebWorkers and ServiceWorkers. A security vulnerability exists in isomorphic-git cors-proxy versions prior to 2.7.1, which stems from a lack of cleanup and validation of redirect...

CVSS 8.6, AI score 7.4, EPSS 0.0029
Exploits 1, References 3