Description
POST /api/extensions/delete endpoint accepts extensionName: "." which bypasses sanitize-filename validation, causing the entire user extensions directory to be recursively deleted. No authentication is required in the default configuration.
Recommendation
Update the sillytavern package to the latest compatible version. Followings are version details:
- Affected version(s): <= 1.17.0
- Patched version(s): 1.18.0
References
Related Issues
- SillyTavern has a path traversal in `/api/chats/import` allows arbitrary file write outside intended chat directory - CVE-2026-34522
- liquidjs has a path traversal fallback vulnerability - CVE-2026-30952
- Rollup 4 has Arbitrary File Write via Path Traversal - CVE-2026-27606
- SillyTavern: Path Traversal in `/api/chats/export` and `/api/chats/delete` allows arbitrary file read/delete within user - CVE-2026-34524
You might also like:
- Tags:
- npm
- sillytavern
Anything's wrong? Let us know Last updated on May 12, 2026


