CVSS 8.3 | CVE-2026-34526, CVE-2026-34524, CVE-2026-34523

SillyTavern: Multiple Vulnerabilities Patched in Version 1.17.0

Multiple vulnerabilities, including path traversal and SSRF, have been discovered in SillyTavern. Update to version 1.17.0 to mitigate these risks.


Multiple vulnerabilities have been discovered in SillyTavern, including path traversal and server-side request forgery (SSRF) issues. These vulnerabilities could allow attackers to read or write arbitrary files, or make requests to internal services. Users running affected versions are strongly advised to update to version 1.17.0 to mitigate these risks.

These vulnerabilities range from medium to high severity, potentially leading to data compromise.

What is SillyTavern?

SillyTavern is a locally installed user interface for interacting with AI models, including large language models, image generation engines, and text-to-speech systems. It provides a user-friendly way to manage and use these tools, and lets users customize their interactions with AI models through settings and configurations. To learn more, you can search all SillyTavern CVEs. Because the application runs as a local server, vulnerabilities in it can expose user data and the underlying system, so keeping SillyTavern up to date is crucial for maintaining a secure environment.

CVE-2026-34526: SSRF via Incomplete IP Validation

CVSS: 5.0
Affected versions: SillyTavern versions prior to 1.17.0 are affected.

Medium severity due to limited SSRF exploitation.

EPSS score not available.

SillyTavern's IP validation in the `/api/search/visit` endpoint is incomplete, allowing Server-Side Request Forgery (SSRF). An attacker can bypass the validation using `localhost`, IPv6 loopback (`[::1]`), or DNS names resolving to internal addresses, potentially accessing internal services.

How to fix CVE-2026-34526 in SillyTavern

Patch within 7 days
  1. Update SillyTavern to version 1.17.0 or later:
     `npm update sillytavern`

Workaround: No known workaround.

NextGuard automatically flags CVE-2026-34526 if SillyTavern appears in any of your monitored projects — no manual lookup required.

CVE-2026-34524: Path Traversal in Chat Endpoints

CVSS: 8.3
Affected versions: SillyTavern versions prior to 1.17.0 are affected.

High severity due to arbitrary file read/delete.

EPSS score not available.

A path traversal vulnerability exists in the `/api/chats/export` and `/api/chats/delete` endpoints of SillyTavern. An authenticated attacker can read and delete arbitrary files within the user data root by manipulating the `avatar_url` parameter.

How to fix CVE-2026-34524 in SillyTavern

Patch immediately
  1. Update SillyTavern to version 1.17.0 or later:
     `npm update sillytavern`

Workaround: No known workaround.

NextGuard automatically flags CVE-2026-34524 if SillyTavern appears in any of your monitored projects — no manual lookup required.

CVE-2026-34523: File Existence Oracle via Path Traversal

CVSS: 5.3
Affected versions: SillyTavern versions prior to 1.17.0 are affected.

Medium severity due to file existence disclosure.

EPSS score not available.

A path traversal vulnerability in the static file route handler of SillyTavern allows unauthenticated users to determine the existence of files on the server's filesystem. By using percent-encoded `../` sequences in requests, an attacker can probe for file existence.

How to fix CVE-2026-34523 in SillyTavern

Patch within 7 days
  1. Update SillyTavern to version 1.17.0 or later:
     `npm update sillytavern`

Workaround: No known workaround.

NextGuard automatically flags CVE-2026-34523 if SillyTavern appears in any of your monitored projects — no manual lookup required.

CVE-2026-34522: Path Traversal in `/api/chats/import`

CVSS: 8.1
Affected versions: SillyTavern versions prior to 1.17.0 are affected.

High severity due to arbitrary file write.

EPSS score not available.

A path traversal vulnerability in the `/api/chats/import` endpoint of SillyTavern allows authenticated attackers to write files outside the intended chats directory. By injecting traversal sequences into the `character_name` parameter, an attacker can write arbitrary files.

How to fix CVE-2026-34522 in SillyTavern

Patch immediately
  1. Update SillyTavern to version 1.17.0 or later:
     `npm update sillytavern`

Workaround: No known workaround.

NextGuard automatically flags CVE-2026-34522 if SillyTavern appears in any of your monitored projects — no manual lookup required.

Stay ahead of Node.js vulnerabilities

Proactively manage your application security by identifying and remediating vulnerabilities. Use NextGuard to monitor your Node.js dependencies and receive alerts on new threats.


Frequently asked questions

Multiple vulnerabilities were discovered in SillyTavern and have been addressed in version 1.17.0. It is crucial to update to the latest version to ensure the security of your application. See all Node.js vulnerabilities.

Related topics

Path Traversal, SSRF, Node.js Security, Application Security, Vulnerability Management