CVE-2026-34524— SillyTavern: Path traversal in `/api/chats/export` and `/api/chats/delete` allows arbitrary file read/delete within user data root

CVSS 8.3 · High EPSS 0.03% · P8 Updated Apr 04, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-34524

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

SillyTavern: Path traversal in `/api/chats/export` and `/api/chats/delete` allows arbitrary file read/delete within user data root

Source: NVD (National Vulnerability Database)

Vulnerability Description

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, a path traversal vulnerability in chat endpoints allows an authenticated attacker to read and delete arbitrary files under their user data root (for example secrets.json and settings.json) by supplying avatar_url="..". This issue has been patched in version 1.17.0.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

Source: NVD (National Vulnerability Database)

Vulnerability Type

对路径名的限制不恰当(路径遍历)

Source: NVD (National Vulnerability Database)

Vulnerability Title

SillyTavern 路径遍历漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

SillyTavern是SillyTavern开源的一个大语言模型的前端界面。 SillyTavern 1.17.0之前版本存在路径遍历漏洞，该漏洞源于聊天端点存在路径遍历，可能导致经过身份验证的攻击者读取和删除其用户数据根目录下的任意文件。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
SillyTavern	SillyTavern	< 1.17.0	-

II. Public POCs for CVE-2026-34524

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

Qwen3.6-35B-A3B · 7182 chars

Paid plan includes:

In-depth vulnerability mechanism

Trigger conditions & impact

Full executable POC code

Exploit chain & mitigation

POC zip download

100+ AI POC generations per month

Upgrade Pro to unlock ¥99/month Sign up first

III. Intelligence Information for CVE-2026-34524

请登录查看更多情报信息。

Same Patch Batch · SillyTavern · 2026-04-02 · 4 CVEs total

CVE-2026-34522	8.1 HIGH	SillyTavern: Path traversal in `/api/chats/import` allows arbitrary file write outside int
CVE-2026-34523	5.3 MEDIUM	SillyTavern: Path traversal allows file existence oracle
CVE-2026-34526	5.0 MEDIUM	SillyTavern: Incomplete IP validation in /api/search/visit allows SSRF via localhost and I

IV. Related Vulnerabilities

Same product: SillyTavern

Same vendor: SillyTavern

Same weakness: CWE-22

V. Comments for CVE-2026-34524

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-34524— SillyTavern: Path traversal in `/api/chats/export` and `/api/chats/delete` allows arbitrary file read/delete within user data root

I. Basic Information for CVE-2026-34524

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-34524

III. Intelligence Information for CVE-2026-34524

Same Patch Batch · SillyTavern · 2026-04-02 · 4 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2026-34524

Leave a comment