CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Summary The web UI for SillyTavern is susceptible to DNS rebinding, allowing attackers to perform actions like install malicious extensions, read chats, inject arbitrary HTML for phishing, etc. Details DNS rebinding is a method to bypass the CORS policies by tricking the browser into resolving...

9.6CVSS6.6AI score0.00239EPSS

Exploits0References7

Github Security Blog•added 2025/10/06 8:18 p.m.•18 views

SillyTavern Web Interface Vulnerable DNS Rebinding

9.6CVSS6.6AI score0.00239EPSS

Exploits0References7Affected Software1

Vulnrichment•added 2025/10/06 3:31 p.m.•2 views

CVE-2025-59159 SillyTavern Web Interface Vulnerable to DNS Rebinding

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. In versions prior to 1.13.4, the web user interface for SillyTavern is susceptible to DNS rebinding, allowing...

9.6CVSS6.1AI score0.00239EPSS

Exploits0References5

Cvelist•added 2025/10/06 9:14 a.m.•9 views

CVE-2025-0607 HTML Injection in Logo Software's Logo Cloud

Improper Encoding or Escaping of Output vulnerability in Logo Software Inc. Logo Cloud allows Phishing. This issue affects Logo Cloud: before 2.57...

4.3CVSS0.00171EPSS

Exploits0References2

CVE•added 2025/10/06 9:14 a.m.•10 views

CVE-2025-0607

CVE-2025-0607 affects Logo Cloud (Logo Software Inc.). Multiple sources confirm an improper encoding/escaping of output leads to phishing/XSS against Logo Cloud versions prior to 2.57. Impact is user interaction required with potential credential or data exposure via manipulation of output. Remed...

4.3CVSS5.4AI score0.00171EPSS

Exploits0References2

CNNVD•added 2025/10/06 12:0 a.m.•5 views

SillyTavern 安全漏洞

SillyTavern is an open source front-end interface for a large language model from SillyTavern. A security vulnerability exists in SillyTavern versions prior to 1.13.4, which stems from vulnerability to DNS rebinding attacks that could lead to the installation of malicious extensions, reading chat...

9.6CVSS6.3AI score0.00239EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•17 views

EUVD-2022-6644

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00616EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2024-3327

Malicious code in bioql PyPI...

6.1CVSS6.5AI score0.00452EPSS

Exploits0References4