CVE-2026-34522 SillyTavern: Path traversal in `/api/chats/import` allows arbitrary file write outside intended chat directory
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, a path traversal vulnerability in /api/chats/import allows an authenticated attacker to...