SecuriTricks - CVE-2026-46372

Description

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, SillyTavern exposes /api/search/searxng, which accepts attacker-controlled baseUrl and uses it directly to build outbound server-side fetches. An authenticated low-privilege user can point baseUrl at an internal or loopback HTTP service and receive the /search response body. This vulnerability is fixed in 1.18.0.

Product(s) Impacted

Vendor	Product	Versions
Sillytavern	Sillytavern	<1.18.0, *

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-918

Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

*CPE(s)

Affected systems and software identified for this CVE.

Type	Vendor	Product	Version	Update	Edition	Language	Software Edition	Target Software	Target Hardware	Other Information
a	sillytavern	sillytavern	<1.18.0	/	/	/	/	/	/	/
a	sillytavern	sillytavern	/	/	/	/	/	/	/	/

References

https://github.com/SillyTavern/SillyTavern/security/advisories/GHSA-qg89-qwwh-5f3j

CVSS Score

8.5 / 10

CVSS Data - 3.1

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: LOW
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N

View Vector String

Timeline

Published: May 29, 2026, 7:16 p.m.
Last Modified: May 29, 2026, 8:17 p.m.

Status : Deferred

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

[email protected]

CVE-2026-46372