{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-34523", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-30T16:03:31.048Z", "datePublished": "2026-04-02T17:14:31.694Z", "dateUpdated": "2026-04-03T15:56:24.472Z"}, "containers": {"cna": {"title": "SillyTavern: Path traversal allows file existence oracle", "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "lang": "en", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/SillyTavern/SillyTavern/security/advisories/GHSA-525j-2hrj-m8fp", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/SillyTavern/SillyTavern/security/advisories/GHSA-525j-2hrj-m8fp"}, {"name": "https://github.com/SillyTavern/SillyTavern/releases/tag/1.17.0", "tags": ["x_refsource_MISC"], "url": "https://github.com/SillyTavern/SillyTavern/releases/tag/1.17.0"}], "affected": [{"vendor": "SillyTavern", "product": "SillyTavern", "versions": [{"version": "< 1.17.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-02T17:14:31.694Z"}, "descriptions": [{"lang": "en", "value": "SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, a path traversal vulnerability in the static file route handler allows any unauthenticated user to determine whether files exist anywhere on the server's filesystem. by sending percent-encoded \"../\" sequences (%2E%2E%2F) in requests to static file routes, an attacker can check for the existence of files. This issue has been patched in version 1.17.0."}], "source": {"advisory": "GHSA-525j-2hrj-m8fp", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-03T15:54:43.014501Z", "id": "CVE-2026-34523", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-03T15:56:24.472Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-34523", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-03T15:54:43.014501Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-03T15:56:15.595Z"}}], "cna": {"title": "SillyTavern: Path traversal allows file existence oracle", "source": {"advisory": "GHSA-525j-2hrj-m8fp", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "SillyTavern", "product": "SillyTavern", "versions": [{"status": "affected", "version": "< 1.17.0"}]}], "references": [{"url": "https://github.com/SillyTavern/SillyTavern/security/advisories/GHSA-525j-2hrj-m8fp", "name": "https://github.com/SillyTavern/SillyTavern/security/advisories/GHSA-525j-2hrj-m8fp", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/SillyTavern/SillyTavern/releases/tag/1.17.0", "name": "https://github.com/SillyTavern/SillyTavern/releases/tag/1.17.0", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, a path traversal vulnerability in the static file route handler allows any unauthenticated user to determine whether files exist anywhere on the server's filesystem. by sending percent-encoded \"../\" sequences (%2E%2E%2F) in requests to static file routes, an attacker can check for the existence of files. This issue has been patched in version 1.17.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-02T17:14:31.694Z"}}}, "cveMetadata": {"cveId": "CVE-2026-34523", "state": "PUBLISHED", "dateUpdated": "2026-04-03T15:56:24.472Z", "dateReserved": "2026-03-30T16:03:31.048Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-02T17:14:31.694Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sillytavern:sillytavern:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "7E2E14B3-75EF-4DC4-84BE-8C2F5D6949A4", "versionEndExcluding": "1.17.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, a path traversal vulnerability in the static file route handler allows any unauthenticated user to determine whether files exist anywhere on the server's filesystem. by sending percent-encoded \"../\" sequences (%2E%2E%2F) in requests to static file routes, an attacker can check for the existence of files. This issue has been patched in version 1.17.0."}], "id": "CVE-2026-34523", "lastModified": "2026-04-13T18:35:55.150", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-02T18:16:29.613", "references": [{"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/SillyTavern/SillyTavern/releases/tag/1.17.0"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory", "Exploit"], "url": "https://github.com/SillyTavern/SillyTavern/security/advisories/GHSA-525j-2hrj-m8fp"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.17.0)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "SillyTavern", "source": "cna", "vendor": "SillyTavern"}, "product": "sillytavern", "vendor": "sillytavern"}], "analysis": {"en": {"generated_at": "2026-04-13T19:29:39.203943+00:00", "value": {"mitigation_remediation": ["Upgrade SillyTavern to version 1.17.0 or newer."], "summary": {"action": "Apply Patch", "impact": "Sensitive information disclosure"}, "threat_synthesis": {"affected_systems": "The flaw affects the SillyTavern locally installed user interface, covering all versions released before 1.17.0 that run on Node.js. The vulnerability applies to any instance of SillyTavern where the static file route is reachable by external or local users.", "description_and_impact": "A path traversal flaw in SillyTavern\u2019s static file handler permits an unauthenticated user to confirm the presence of any file on the server by sending percent\u2011encoded '../' sequences. The result is a file\u2011existence oracle that reveals the file system layout and can expose sensitive data files. Although the vulnerability does not directly enable code execution, it provides a useful foothold for further attacks that rely on knowledge of the file structure.", "risk_and_exploitability": "The CVSS score of 5.3 indicates a moderate severity, and the EPSS score of less than 1% shows that automated exploitation attempts are unlikely at present. Because the attack target is an unauthenticated local or remote user who can reach the static routes, the risk is higher in environments where the application is exposed to untrusted traffic. The issue is not listed in the CISA KEV catalog, suggesting no known active exploitation in the wild."}}}}, "created": "2026-04-03T07:32:21.139683+00:00", "updated": "2026-04-14T16:42:01.257616+00:00", "vendors": ["sillytavern", "sillytavern$PRODUCT$sillytavern"]}