PT-2026-29662 · Unknown · Sillytavern

Maru1009 · Published 2026-04-01 · Updated 2026-04-03 · CVE-2026-34524

CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: SillyTavern versions prior to 1.17.0

Description: A path traversal vulnerability exists in the chat endpoints of SillyTavern. An authenticated attacker can read and delete arbitrary files under their own user data root, such as secrets.json and settings.json, by supplying ".." as the avatar url parameter. The input validator for avatar url does not adequately reject traversal segments such as "..", so the parameter can be used to build file paths that resolve outside the intended chats directory. The affected endpoints include the chat export and delete paths. Successful exploitation can expose sensitive user data and delete critical files, potentially disrupting operation of the account.

Recommendations: Update to SillyTavern version 1.17.0 or later.

Exploit

Fix

Path traversal

Weakness Enumeration

Related Identifiers

CVE-2026-34524
GHSA-VPRR-Q85P-79MF

Affected Products

Sillytavern