PT-2026-42041 · SillyTavern

Larlarua

Published 2026-05-19 · Updated 2026-05-29

CVE-2026-46372 · CVSS v3.1 8.5 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
Name of the Vulnerable Software and Affected Versions: SillyTavern, versions prior to 1.18.0
Description: SillyTavern is a locally installed user interface for interacting with large language models, image generation engines, and text-to-speech models. The application contains a Server-Side Request Forgery (SSRF) flaw, in which the server is tricked into sending a request to a location of the attacker's choosing, via the '/api/search/searxng' endpoint. An authenticated low-privilege user can supply an attacker-controlled baseUrl parameter, which the server uses to build outbound fetches without any allowlist, IP-range, DNS, or scheme validation. An attacker can therefore point the request at internal or loopback HTTP services and, because the response body is returned to the caller, read their output. This can disclose information from internal admin panels, development services, or cloud metadata endpoints, which is why the vector carries a changed scope (S:C) and a high confidentiality impact (C:H).
Recommendations: Update to version 1.18.0 or later. Enable and correctly configure the Private Request Whitelisting filter, especially when the instance is reachable over a network; the filter is a mitigation for this class of request, not a substitute for the update.

Exploit · Fix · SSRF


Weakness Enumeration

Related Identifiers

CVE-2026-46372
GHSA-QG89-QWWH-5F3J

Affected Products

Sillytavern