sillytavern
N/A
Developer
N/A
Latest version
N/A
Installations
N/A
Last updated
Vulnerability history
0 present
11 patched
0 Mitigation rules
- NPM: SillyTavern: SSRF in SearXNG Search Proxy via Unvalidated baseUrl<= 1.17.013 hours ago
- NPM: SillyTavern has a SSRF vulnerability in the CORS proxy middleware<= 1.17.07 days ago
- NPM: SillyTavern has a reflected XSS vulnerability in the CORS proxy middleware<= 1.17.07 days ago
- NPM: SillyTavern has a Path Traversal issue<= 1.17.07 days ago
- NPM: SillyTavern has Authentication Bypass via SSO Header Injection<= 1.17.07 days ago
- NPM: SillyTavern: Existing sessions are not invalidated after password change, allowing session reuse and account takeover<= 1.17.07 days ago
- NPM: SillyTavern: Incomplete IP validation in /api/search/visit allows SSRF via localhost and IPv6<= 1.16.001/04/2026
- NPM: SillyTavern: Path Traversal in `/api/chats/export` and `/api/chats/delete` allows arbitrary file read/delete within user data root<= 1.16.001/04/2026
- NPM: SillyTavern: Path Traversal allows file existence oracle<= 1.16.001/04/2026
- NPM: SillyTavern has a path traversal in `/api/chats/import` allows arbitrary file write outside intended chat directory<= 1.16.001/04/2026
- NPM: SillyTavern Web Interface Vulnerable DNS Rebinding< 1.13.406/10/2025