Sillytavern

Sillytavern

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.9

CVE-2026-44651

  • EPSS 0.32%
  • Veröffentlicht 29.05.2026 17:49:19
  • Zuletzt bearbeitet 29.05.2026 20:17:38

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, when fetch(url) throws, the code sends: res.status...

9.1

CVE-2026-44650

  • EPSS 0.57%
  • Veröffentlicht 29.05.2026 17:48:03
  • Zuletzt bearbeitet 29.05.2026 20:17:38

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, POST /api/extensions/delete endpoint accepts exten...

7.5

CVE-2026-44648

  • EPSS 0.39%
  • Veröffentlicht 29.05.2026 17:46:27
  • Zuletzt bearbeitet 29.05.2026 20:17:38

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, SillyTavern relies on cookie-session for authentic...

9.8

CVE-2026-44649

  • EPSS 0.22%
  • Veröffentlicht 29.05.2026 17:45:26
  • Zuletzt bearbeitet 02.06.2026 03:16:17

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, SillyTavern accepts Remote-User (Authelia) and X-A...

6.9

CVE-2026-44652

  • EPSS 0.38%
  • Veröffentlicht 29.05.2026 17:43:07
  • Zuletzt bearbeitet 29.05.2026 20:17:38

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, corsProxyMiddleware forwards req.params.url direct...

8.5

CVE-2026-46372

  • EPSS 0.87%
  • Veröffentlicht 29.05.2026 17:41:58
  • Zuletzt bearbeitet 29.05.2026 20:17:38

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, SillyTavern exposes /api/search/searxng, which acc...

5

CVE-2026-34526

Exploit
  • EPSS 0.21%
  • Veröffentlicht 02.04.2026 17:16:55
  • Zuletzt bearbeitet 13.04.2026 18:39:45

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, in src/endpoints/search.js, the hostname i...

8.8

CVE-2026-34524

Exploit
  • EPSS 0.57%
  • Veröffentlicht 02.04.2026 17:15:22
  • Zuletzt bearbeitet 13.04.2026 18:43:05

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, a path traversal vulnerability in chat end...

5.3

CVE-2026-34523

Exploit
  • EPSS 0.45%
  • Veröffentlicht 02.04.2026 17:14:31
  • Zuletzt bearbeitet 13.04.2026 18:35:55

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, a path traversal vulnerability in the stat...

8.1

CVE-2026-34522

Exploit
  • EPSS 0.41%
  • Veröffentlicht 02.04.2026 17:13:44
  • Zuletzt bearbeitet 13.04.2026 18:34:46

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, a path traversal vulnerability in /api/cha...