
4 matches found

Vulnrichment
added 2026/04/02 5:15 p.m., 3 views

CVE-2026-34524 SillyTavern: Path traversal in `/api/chats/export` and `/api/chats/delete` allows arbitrary file read/delete within user data root

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, a path traversal vulnerability in chat endpoints allows an authenticated attacker to read...

CVSS 8.3, AI score 6, EPSS 0.0057
Exploits: 1, References: 2
Cvelist
added 2026/04/02 5:15 p.m., 24 views

CVE-2026-34524 SillyTavern: Path traversal in `/api/chats/export` and `/api/chats/delete` allows arbitrary file read/delete within user data root

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, a path traversal vulnerability in chat endpoints allows an authenticated attacker to read...

CVSS 8.3, EPSS 0.0057
Exploits: 1, References: 2
Snyk
added 2026/04/01 9:41 p.m., 2 views

Directory Traversal

Overview: sillytavern is an LLM Frontend for Power Users. Affected versions of this package are vulnerable to Directory Traversal via the avatarurl parameter in the chat export and delete endpoints. An attacker can read or delete arbitrary files within the user data root by supplying directory...

CVSS 8.8, AI score 6.5, EPSS 0.0057
Exploits: 1, References: 2
OSV
added 2026/04/01 9:41 p.m., 1 view

GHSA-VPRR-Q85P-79MF SillyTavern: Path Traversal in `/api/chats/export` and `/api/chats/delete` allows arbitrary file read/delete within user data root

Summary: A Path Traversal vulnerability in chat endpoints allows an authenticated attacker to read and delete arbitrary files under their user data root (for example, secrets.json and settings.json) by supplying avatarurl="..". Details: The input validator used by avatarurl blocks only / and NUL bytes...

CVSS 8.3, AI score 6, EPSS 0.0057
Exploits: 1, References: 4