XSS in SillyTavern
CVE-2026-44651
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, when fetch(url) throws, the code sends…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.001 (19.5th percentile)
Affected products
- SillyTavern — versions < 1.18.0
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)