CVE-2025-59159
JavaScript vulnerability analysis and mitigation

Overview

CVE-2025-59159 affects SillyTavern, a locally installed user interface for interacting with text-generation large language models, image-generation engines, and text-to-speech voice models. The vulnerability, present in versions prior to 1.13.4, allows attackers to perform DNS rebinding attacks against the web interface, enabling unauthorized access to local instances. The flaw was disclosed on October 6, 2025, and has been assigned a Critical severity rating with a CVSS score of 9.7 (GitHub Advisory, NVD).

Technical details

The vulnerability stems from insufficient host validation in the SillyTavern web interface, which makes it susceptible to DNS rebinding attacks. This technique allows attackers to bypass the browser's cross-origin (CORS) restrictions by manipulating DNS resolution so that a malicious external site is treated as a trusted local origin. The attack is carried out by tricking a victim's browser into resolving an attacker-controlled domain to 127.0.0.1; because the server does not check the Host header, requests that the browser sends to the attacker's domain reach the local SillyTavern instance's backend API (Security Online).

Impact

The vulnerability enables attackers to gain full control over victims' SillyTavern instances without requiring direct exposure to the internet. Successful exploitation allows attackers to read private chat logs, install malicious extensions, inject arbitrary HTML for phishing attacks, and access stored API keys and configuration data. This affects all installations hosted on local networks or in Termux mobile environments if users visit a malicious website while SillyTavern is running (GitHub Advisory).

Mitigation and workarounds

The vulnerability has been patched in version 1.13.4 through the introduction of a server configuration setting that enables validation of hostnames in inbound HTTP requests. Users can enable this protection by setting hostWhitelist.enabled in the config.yaml file or by using the SILLYTAVERNHOSTWHITELISTENABLED environment variable. The setting is disabled by default for compatibility reasons (once enabled, requests whose Host header is not on the list are rejected, so any hostname or address used to reach the instance must be listed), but users are strongly encouraged to enable it, especially when hosting over local networks without SSL (SillyTavern Docs).
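The following is an added example of the kind of Host-header allowlist check that such a setting enables; it is illustrative code, not SillyTavern's own implementation, and the function names and the extra-hosts list are assumptions.

```javascript
'use strict';

// Hosts that always refer to the local machine. A DNS rebinding page cannot
// put these into the Host header: the browser keeps sending the attacker's
// domain name there even after DNS has been rebound to 127.0.0.1, which is
// exactly what a Host check catches.
const DEFAULT_ALLOWED_HOSTS = new Set(['localhost', '127.0.0.1', '::1']);

// Normalize a raw Host header ("[::1]:8000", "My-PC.lan:8000") to a bare
// lowercase hostname. Returns null for a missing or malformed header, and the
// caller treats null as "not allowed".
function normalizeHost(hostHeader) {
  if (typeof hostHeader !== 'string' || hostHeader.trim() === '') return null;
  const value = hostHeader.trim().toLowerCase();
  // Bracketed IPv6 literal, optionally followed by a port.
  const v6 = value.match(/^\[([0-9a-f:.]+)\](?::\d{1,5})?$/);
  if (v6) return v6[1];
  // Hostname or IPv4 literal, optionally followed by a port.
  const plain = value.match(/^([a-z0-9.-]+)(?::\d{1,5})?$/);
  return plain ? plain[1] : null;
}

// True only when the request names the local machine or a hostname the
// operator explicitly configured (e.g. the LAN name used to reach the UI).
// extraAllowedHosts is an assumed configuration list, not a real option name.
function isHostAllowed(hostHeader, extraAllowedHosts = []) {
  const host = normalizeHost(hostHeader);
  if (host === null) return false;
  if (DEFAULT_ALLOWED_HOSTS.has(host)) return true;
  return extraAllowedHosts.some((h) => h.toLowerCase() === host);
}

// Express-style middleware: reject the request before any route handler runs,
// so an unrecognized Host never reaches the backend API.
function hostWhitelistMiddleware(extraAllowedHosts = []) {
  return function (req, res, next) {
    if (isHostAllowed(req.headers.host, extraAllowedHosts)) return next();
    res.statusCode = 403;
    res.end('Forbidden: unrecognized Host header');
  };
}
```

Mount the middleware before every route; a request arriving with `Host: attacker.example:8000` is refused even though the TCP connection came from the loopback interface.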

This report was generated using AI.

Related JavaScript vulnerabilities:

CVE ID           Severity  Score  Technologies  Component name              CISA KEV exploit  Has fix  Published date
CVE-2025-59159   CRITICAL  9.6    JavaScript    sillytavern                 No                Yes      Oct 06, 2025
CVE-2025-56515   HIGH      8.8    JavaScript    fiora                       No                No       Oct 01, 2025
CVE-2025-59536   HIGH      8.7    JavaScript    @anthropic-ai/claude-code   No                Yes      Oct 03, 2025
CVE-2025-61668   HIGH      8.7    JavaScript    @plone/volto                No                Yes      Oct 02, 2025
CVE-2025-59829   LOW       2.3    JavaScript    @anthropic-ai/claude-code   No                Yes      Oct 03, 2025
