Nixpkgs security tracker

Permalink CVE-2026-34523

5.3 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): Low (L)
Integrity (I): None (N)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): Low (L)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): None (N)

created 1 month, 3 weeks ago Activity log

Created suggestion 1 month, 3 weeks ago

SillyTavern: Path traversal allows file existence oracle

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, a path traversal vulnerability in the static file route handler allows any unauthenticated user to determine whether files exist anywhere on the server's filesystem. by sending percent-encoded "../" sequences (%2E%2E%2F) in requests to static file routes, an attacker can check for the existence of files. This issue has been patched in version 1.17.0.

References

https://github.com/SillyTavern/SillyTavern/security/advisories/GHSA-525j-2hrj-m8fp x_refsource_CONFIRM
https://github.com/SillyTavern/SillyTavern/releases/tag/1.17.0 x_refsource_MISC

Affected products

SillyTavern

==< 1.17.0

Matching in nixpkgs

pkgs.sillytavern

LLM Frontend for Power Users

nixos-unstable 1.17.0
- nixpkgs-unstable 1.17.0
- nixos-unstable-small 1.17.0
nixos-25.11 1.13.5
- nixos-25.11-small 1.13.5
- nixpkgs-25.11-darwin 1.13.5

Package maintainers

@wrvsrx wrvsrx <wrvsrx@outlook.com>

Permalink CVE-2026-34522

8.1 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): None (N)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): None (N)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

created 1 month, 3 weeks ago Activity log

Created suggestion 1 month, 3 weeks ago

SillyTavern: Path traversal in `/api/chats/import` allows arbitrary file write outside intended chat directory

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, a path traversal vulnerability in /api/chats/import allows an authenticated attacker to write attacker-controlled files outside the intended chats directory by injecting traversal sequences into character_name. This issue has been patched in version 1.17.0.

References

https://github.com/SillyTavern/SillyTavern/security/advisories/GHSA-xvww-xhx6-22pf x_refsource_CONFIRM
https://github.com/SillyTavern/SillyTavern/releases/tag/1.17.0 x_refsource_MISC

Affected products

SillyTavern

==< 1.17.0

Matching in nixpkgs

pkgs.sillytavern

LLM Frontend for Power Users

nixos-unstable 1.17.0
- nixpkgs-unstable 1.17.0
- nixos-unstable-small 1.17.0
nixos-25.11 1.13.5
- nixos-25.11-small 1.13.5
- nixpkgs-25.11-darwin 1.13.5

Package maintainers

@wrvsrx wrvsrx <wrvsrx@outlook.com>

Permalink CVE-2026-34526

5.0 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Changed (C)
Confidentiality (C): Low (L)
Integrity (I): None (N)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): Low (L)
Modified Scope (MS): Changed (C)
Modified Integrity (MI): None (N)
Modified Availability (MA): None (N)

created 1 month, 3 weeks ago Activity log

Created suggestion 1 month, 3 weeks ago

SillyTavern: Incomplete IP validation in /api/search/visit allows SSRF via localhost and IPv6

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, in src/endpoints/search.js, the hostname is checked against /^\d+\.\d+\.\d+\.\d+$/. This only matches literal dotted-quad IPv4 (e.g. 127.0.0.1, 10.0.0.1). It does not catch: localhost (hostname, not dotted-quad), [::1] (IPv6 loopback), and DNS names resolving to internal addresses (e.g. localtest.me -> 127.0.0.1). A separate port check (urlObj.port !== '') limits exploitation to services on default ports (80/443), making this lower severity than a fully unrestricted SSRF. This issue has been patched in version 1.17.0.

References

https://github.com/SillyTavern/SillyTavern/security/advisories/GHSA-wm7j-m6jm-8797 x_refsource_CONFIRMexploit
https://github.com/SillyTavern/SillyTavern/releases/tag/1.17.0 x_refsource_MISC

Affected products

SillyTavern

==< 1.17.0

Matching in nixpkgs

pkgs.sillytavern

LLM Frontend for Power Users

nixos-unstable 1.17.0
- nixpkgs-unstable 1.17.0
- nixos-unstable-small 1.17.0
nixos-25.11 1.13.5
- nixos-25.11-small 1.13.5
- nixpkgs-25.11-darwin 1.13.5

Package maintainers

@wrvsrx wrvsrx <wrvsrx@outlook.com>

Permalink CVE-2026-34524

8.3 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): Low (L)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): Low (L)

created 1 month, 3 weeks ago Activity log

Created suggestion 1 month, 3 weeks ago

SillyTavern: Path traversal in `/api/chats/export` and `/api/chats/delete` allows arbitrary file read/delete within user data root

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, a path traversal vulnerability in chat endpoints allows an authenticated attacker to read and delete arbitrary files under their user data root (for example secrets.json and settings.json) by supplying avatar_url="..". This issue has been patched in version 1.17.0.

References

https://github.com/SillyTavern/SillyTavern/security/advisories/GHSA-vprr-q85p-79mf x_refsource_CONFIRM
https://github.com/SillyTavern/SillyTavern/releases/tag/1.17.0 x_refsource_MISC

Affected products

SillyTavern

==< 1.17.0

Matching in nixpkgs

pkgs.sillytavern

LLM Frontend for Power Users

nixos-unstable 1.17.0
- nixpkgs-unstable 1.17.0
- nixos-unstable-small 1.17.0
nixos-25.11 1.13.5
- nixos-25.11-small 1.13.5
- nixpkgs-25.11-darwin 1.13.5

Package maintainers

@wrvsrx wrvsrx <wrvsrx@outlook.com>

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.sillytavern

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.sillytavern

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.sillytavern

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.sillytavern

Package maintainers