Description
The web UI for SillyTavern is susceptible to DNS rebinding, which lets an attacker-controlled web page reach the locally served UI and perform actions such as installing malicious extensions, reading chats, and injecting arbitrary HTML for phishing.
Recommendation
Update the sillytavern package to the latest compatible version. Version details:
- Affected version(s): < 1.13.4
- Patched version(s): 1.13.4
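DNS rebinding works because the attacker's page, not the user, decides which Host header the browser sends, while the TCP connection still lands on the local server; the standard server-side mitigation is to reject any request whose Host header is not one the UI is meant to be served from. The block below is an added illustrative example of such a check for a Node.js web UI; it is not SillyTavern's own code or the 1.13.4 patch, and the allowed-host list and the Express-style middleware shape are assumptions.

```javascript
// Added example: Host-header allowlist check against DNS rebinding.
// Illustrative code, not SillyTavern's patch; the allowlist is constructed.
const ALLOWED_HOSTS = new Set(["localhost", "127.0.0.1", "[::1]"]);

// Normalise a raw Host header: lower-case, strip the port, keep IPv6 brackets.
// Returns null when the header is missing or malformed.
function normalizeHost(hostHeader) {
  if (typeof hostHeader !== "string" || hostHeader.length === 0) return null;
  const h = hostHeader.trim().toLowerCase();
  // IPv6 literal: "[::1]:8000" -> "[::1]"
  if (h.startsWith("[")) {
    const end = h.indexOf("]");
    return end === -1 ? null : h.slice(0, end + 1);
  }
  // Hostname or IPv4: "localhost:8000" -> "localhost"
  const colon = h.indexOf(":");
  const name = colon === -1 ? h : h.slice(0, colon);
  return /^[a-z0-9.-]+$/.test(name) ? name : null;
}

// True only when the request was addressed to a host we actually serve.
// A rebound request carries the attacker's domain in Host, so it fails here
// even though the connection arrived on the local listener.
function isAllowedHost(hostHeader, allowed = ALLOWED_HOSTS) {
  const name = normalizeHost(hostHeader);
  return name !== null && allowed.has(name);
}

// Express-style middleware (assumed shape): reject before any route,
// chat endpoint or extension installer runs.
function hostGuard(allowed = ALLOWED_HOSTS) {
  return (req, res, next) => {
    if (isAllowedHost(req.headers.host, allowed)) return next();
    // 421 Misdirected Request: the server is not the one named in Host.
    res.status(421).type("text/plain").send("Misdirected Request");
  };
}
```

If the UI is legitimately served under another hostname or on a LAN address, that name must be added to the allowlist, otherwise the guard blocks those users too.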
References
- GHSA-7cxj-w27x-x78q
- docs.sillytavern.app
- CVE-2025-59159
- CWE-346
- CWE-940
- CAPEC-310
- OWASP 2021-A6
- OWASP 2021-A7
Related Issues
- Microsoft Playwright MCP Server vulnerable to DNS Rebinding Attack; Allows Attackers Access to All Server Tools - CVE-2025-9611
- Lobe Chat vulnerable to Server-Side Request Forgery with native web fetch module - CVE-2025-62505
- Dark Reader gives users the ability to request style sheets from local web servers - CVE-2025-68467
- CleverTap Web SDK is vulnerable to DOM-based Cross-Site Scripting (XSS) via window.postMessage - CVE-2026-26862
Tags:
- npm
- sillytavern
Last updated on October 06, 2025