VYPR

npm package

sillytavern

pkg:npm/sillytavern

Vulnerabilities (10)

  • CVE-2026-44652, May 12, 2026
    affected: < 1.18.0, fixed: 1.18.0

    Resolution: SillyTavern 1.18.0 added a generic server-side request filter (Private Request Whitelisting). Since we expect users to use the application in a trusted environment, the filter is disabled by default; however, it is strongly advised that it be enabled and properly configu

  • CVE-2026-44651, May 12, 2026
    affected: < 1.18.0, fixed: 1.18.0

    Resolution: Fixed in SillyTavern 1.18.0: a user-provided URL is no longer reflected in the HTTP response body.
    Overview: vulnerability type: XSS; affected location: `src/middleware/corsProxy.js:40`; trigger scenario: reflected XSS in the CORS proxy error response.
    Root C

  • CVE-2026-44650 (critical), May 12, 2026
    affected: < 1.18.0, fixed: 1.18.0

    Summary: The `POST /api/extensions/delete` endpoint accepts `extensionName: "."`, which bypasses `sanitize-filename` validation and causes the entire user extensions directory to be recursively deleted. No authentication is required in the default configuration.
    Affected File

  • CVE-2026-44649 (critical), May 12, 2026
    affected: < 1.18.0, fixed: 1.18.0

    Resolution: SillyTavern 1.18.0 now includes a configuration option to limit which IP addresses can authorize using SSO headers, restricted to loopback addresses only by default. The setting can be customized according to the user's needs. Documentation: https://docs.sillytavern.app/a

  • CVE-2026-44648 (high), May 12, 2026
    affected: < 1.18.0, fixed: 1.18.0

    Summary: Changing a user's password does not invalidate existing sessions, allowing an attacker with a stolen cookie to retain access even after the victim resets their password.
    Details: SillyTavern relies on cookie-session for authentication, storing all session data (us

  • CVE-2026-34526 (medium), Apr 2, 2026
    affected: < 1.17.0, fixed: 1.17.0

    SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, in src/endpoints/search.js, the hostname is checked against /^\d+\.\d+\.

  • CVE-2026-34524 (high), Apr 2, 2026
    affected: < 1.17.0, fixed: 1.17.0

    SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, a path traversal vulnerability in chat endpoints allows an authenticated

  • CVE-2026-34523 (medium), Apr 2, 2026
    affected: < 1.17.0, fixed: 1.17.0

    SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, a path traversal vulnerability in the static file route handler allows a

  • CVE-2026-34522 (high), Apr 2, 2026
    affected: < 1.17.0, fixed: 1.17.0

    SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, a path traversal vulnerability in /api/chats/import allows an authentica

  • CVE-2025-59159 (critical), Oct 6, 2025
    affected: < 1.13.4, fixed: 1.13.4

    SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. In versions prior to 1.13.4, the web user interface for SillyTavern is susceptible to DNS rebindi