CVE-2026-46372

Published: May 29, 2026Modified: May 29, 2026Deferred

8.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N

Exploitability: 3.1 / Impact: 4.7

Source: security-advisories@github.com (Secondary)

Description

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, SillyTavern exposes /api/search/searxng, which accepts attacker-controlled baseUrl and uses it directly to build outbound server-side fetches. An authenticated low-privilege user can point baseUrl at an internal or loopback HTTP service and receive the /search response body. This vulnerability is fixed in 1.18.0.

Related CWEs

CWE-918

Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

References (2)

https://github.com/SillyTavern/SillyTavern/security/advisories/GHSA-qg89-qwwh-5f3j

Source: security-advisories@github.com

https://github.com/SillyTavern/SillyTavern/security/advisories/GHSA-qg89-qwwh-5f3j

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Timeline

No history available yet.